[ssl] ssl not supported in mozilla

VERIFIED INVALID

Status

()

Core
Networking
P3
major
VERIFIED INVALID
18 years ago
18 years ago

People

(Reporter: Alex, Assigned: Warren Harris)

Tracking

Trunk
x86
Windows NT
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

18 years ago
The browser doesn't appear to execute ".asp" scripts properly.

Same problem experienced at < http://www.btopi.com> when attempting to log into
Syntranet.
ASP scripts are server-side scripts.  This means either:
  * there's a bug in browser-detection in the given script (possibly a bug for
ekrock)
  * there's something else wrong with the pages mentioned, such as a bad MIME
type
  * there's a real bug on the above pages

The page http://www.btopi.com/btorder/default.asp seems to be the first of the
above problems - it's blank when I load it into lynx.  However, loading a blank
page should show something blank rather than continuing to show the previous
page... that's probably a separate bug.

I don't see the problem on http://www.hotmail.msn.com/ - you need to give more
detailed instructions to reproduce.
Reporter responded by email (please don't):
>The problem I am having with Hotmail is that the browser does nothing when I
>click on the "sign in" button.  On closer investigation, it might not be an
>asp script however, so I don't know what to attribute it to.

Updated

18 years ago
Severity: minor → major
Component: Browser-General → Necko

Comment 3

18 years ago
Clicking "Sign in" at http://www.hotmail.msn.com should take you to
https://lc2.law5.hotmail.passport.com/cgi-bin/dologin

http://www.btopi.com/btorder/default.asp is redirected to
https://www.btopi.com/btorder/secure/default.asp

Niether https URL load anything (last page remains intact) and no error dialog
is presented either.

Updated

18 years ago
Assignee: leger → gagan

Updated

18 years ago
Component: Necko → Networking-Core

Comment 4

18 years ago
Verified on Win98.

Overview Description:
I have a number of related problems with hotmail.  First, I can't type anything
in the 'login' window unless I first click somewhere else on the page.  Second,
after I've typed in my login and password, nothing happens when I click the
"Sign In" button.  Third, if I then hit 'Reload', Mozilla crashes.

Steps to Replicate

1) Go to www.hotmail.com
2) WITHOUT CLICKING ANYWHERE ELSE, click in the "Member Name" textbox and try to
type something.

Actual Results: No text appears.
Expected Results: Text appears in the box.

3) Click somewhere else on the webpage.
4) Click in "Member Name" textbox. Enter some gibberish.
5) Click in password box. Enter more gibberish.
6) Click "Sign In".

Actual Result: The button depresses, but nothing else happens.  Other links
work, so it's not frozen.

Expected result: Hotmail sends me those security messages and then says "Login
failure" (unless I got REALLY lucky ;-)

7) Click "Reload".

Actual result: *foom*
Expected result: Page reloads with member id and password fields empty.

Build Date & Platform Bug Found: 11-15-08-1999, Win98

Comment 5

18 years ago
Resetting QA contact from leger.

Comment 6

18 years ago
*** Bug 19993 has been marked as a duplicate of this bug. ***
(Assignee)

Updated

18 years ago
Assignee: gagan → valeski
Blocks: 20378
Target Milestone: M13
(Assignee)

Comment 7

18 years ago
Could be a dup of 16757.

Updated

18 years ago
Assignee: valeski → pollmann

Comment 8

18 years ago
I can't get the submit button to do anything at all.

test account:
username "nstest"
pwd "netscape"

Updated

18 years ago
Status: NEW → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → DUPLICATE

Comment 9

18 years ago
mozilla won't let you log into hotmail because the action of the form on the
hotmail page is an SSL login (https). Mozilla doesn't support https. Therefore
it doesn't work.

As far as having to click somewhere else first: that's a duplicate of bug 18258.
And the foom? Try a newer build... I'm on WinNT and m11, and 1999120108(nightly
build) WORKSFORME.

*** This bug has been marked as a duplicate of 18258 ***
(Reporter)

Updated

18 years ago
Status: RESOLVED → REOPENED
(Reporter)

Comment 10

18 years ago
This bug should not be marked as a duplicate because the original core problem
reported has **not been resolved for a milestone release** and **was not a
duplicate of any other reported bug**.  Definitely needs to support https.

Comment 11

18 years ago
The original bug says the browser doesn't execute .asp scripts properly, which
isn't true at all.

If the original quip is that mozilla doesn't support https then maybe a generic
"no ssl" bug needs to be created. The closest i could find was bug 17697.
So this bug is probably a duplicate of bug 17697.

Updated

18 years ago
Resolution: DUPLICATE → ---

Comment 12

18 years ago
Clearing DUPLICATE resolution due to reopen.

Updated

18 years ago
Summary: Unable to log in → ssl not supported in mozilla

Comment 13

18 years ago
I'm not sure what the plans are on this, but it seems like a networking issue.
I'm reassigning this to Warren as he might have an idea.  ?

Updated

18 years ago
Assignee: pollmann → warren
Status: REOPENED → NEW
(Assignee)

Updated

18 years ago
Target Milestone: M13 → M14
*** Bug 20675 has been marked as a duplicate of this bug. ***

Comment 15

18 years ago
It is my understanding that mozilla will not support https because of the US
export restrictions. However that should not prevent a third party (someone from
Australia maybe ...) to add https support to mozilla downloadable from another
side.
(Reporter)

Comment 16

18 years ago
Given that currently available versions of Netscape and Explorer support https,
it does not make any sense that export restrictions would be involved.
(Hotmail is used internationally for one thing).  The export restrictions
involve encryption levels (ie. only 40-bit encryption can be exported to any
country other than Canada).  Netscape 5.0 most certainly should support https-
no one is going to use a product that is devolving! :-)

Comment 17

18 years ago
Everyone should read the mozilla crypto faq
http://www.mozilla.org/crypto-faq.html before posting on this bug.
In short: Mozilla cannot include cryto source code because of export
restrictions. This doesn't mean that Netscape 5.0 can't or won't support ssl.

Although it doesn't rule out whether or not Mozilla will ever support ssl. It
seems to me that ssl will be a bundled in Netscape's mozilla package. Where as
anyone else using the mozilla code as a base won't have ssl support...

Basically: Don't get your panties into an uproar about this.

On a gentler note, maybe this "bug" should be marked as an enhancement...
(Reporter)

Comment 18

18 years ago
Bottom line is that there should be no problem whatsoever with providing this
feature given that current versions of the software support it.  I am of course
referring to final compiled software, whose source code can not be legitimately
obtained anyway.

And no offense, but it sure is heck is more than just an enhancement! :-)  A
browser that doesn't support SSL is useless because no secure transmissions are
possible.  Say goodbye not only to web e-mail, but net shopping, etc...

Comment 19

18 years ago
I would rather mark this as INVALID as it's not even a bug. It's a known feature
of Mozilla. Bottom Line really is: Read The FAQ.

Updated

18 years ago
Severity: major → enhancement
(Reporter)

Updated

18 years ago
Severity: enhancement → major
(Reporter)

Comment 20

18 years ago
THIS IS NOT MERELY AN ENHANCEMENT!  I AM AWARE OF THE ISSUES REGARDING CRYPTO
AND SSL: _SOURCE CODE_ FOR CRYPTO CANNOT BE EXPORTED UNDER U.S. LAW, THEREFORE
IT CANNOT BE POSTED TO MOZILLA.  THE FAQ THAT HAS BEEN REFERRED TO ADDRESSES
_ONLY_ THIS ISSUE, _NOT_ THE RELEASE OF COMPILED MILESTONES OR THE FINAL
VERSION!  _HOWEVER_, SUPPORT FOR THIS FEATURE IS ONE OF THE MOST CRITICAL
FUNCTIONS OF ANY CURRENT BROWSER, IT WOULD BE _USELESS_ WITHOUT IT!  THERE IS
_NO_ EXPORT VIOLATION INHERENT TO A _COMPILED_ BROWSER THAT SUPPORTS 40 BIT OR
LESS SSL ENCRYPTION!!  DOESN'T REALLY MATTER _HOW_ IT GETS INTO A _COMPILED_
VERSION (MILESTONE OR FINAL RELEASE), BUT IT ABSOLUTELY MUST BE INCLUDED!  I
WOULD HAVE TO ASSUME THAT THIS RESPONSIBILITY LIES WITH NETSCAPE OR WHOMEVER IS
THE FINAL ENDPOINT FOR DEVELOPMENT AND COMPILATION OF THE APP.  THIS IS A _BUG_
AND IT MUST BE _RESOLVED_ AT SOME POINT EVEN IF IT CAN'T BE AN OPEN-SOURCE
COMPONENT, OR _NO ONE_ WILL USE THIS BROWSER.  END OF STORY.
(Assignee)

Updated

18 years ago
Status: NEW → RESOLVED
Last Resolved: 18 years ago18 years ago
Resolution: --- → INVALID
(Assignee)

Comment 21

18 years ago
Hey! No shouting allowed. As jwelwell said, read the FAQ. If we could say more
about this subject, we would in the FAQ, but for now the issues is closed.
(Reporter)

Comment 22

18 years ago
Sorry about the shouting, but people were trying to act like they knew more
than they did.  I HAVE read the FAQ and it addresses an unrelated issue that
I'm not disputing.  As long as it is in fact recognized as a bug by someone,
even if it needs to be addressed differently than a standard bug.  It is
certainly a significant one.

Comment 23

18 years ago
Bulk move of all Networking-Core (to be deleted component) bugs to new
Networking component.

Updated

18 years ago
Summary: ssl not supported in mozilla → [ssl] ssl not supported in mozilla

Comment 24

18 years ago
I'm not going to re-open the bug just to mark it as a duplicate, but this is a
duplicate of 14964. and if you have permissions, bug 15082.

Comment 25

18 years ago
marking verified.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.