197443 - padlock shows wrong security status when viewing a page with frames (secure and not secure)

Status: VERIFIED WONTFIX

(Core Graveyard :: Security: UI, defect, P3)

Description

[S2]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312

first of all, i saw bug 140837 (how can i link to it in a message?), and i think
this is not related to it (but i can be wrong).

go to a page with two frames, one is secure, and the other not.
the padlock shows that the page is insecure (open lock), but in my opinion it
should be the "mixed content" icon (am i wrong?).

additionaly, rightclicking on the secure frame, and going to frame info, shows
no security tab, even if the frame is secure.

Reproducible: Always

Steps to Reproduce:

Comment 1

[Matthias Versen [:Matti]]

-> PSM (Please don't file crypto bugs on security:general)

Comment 2

[John Unruh]

If you put this code on a secure server you will see a mixed lock icon. If you
put it on an insecure server, you will see a broken lock icon. This is as designed.
<html>
 <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
       <title>Frame Test</title>
 <frameset COLS="50%,50%">
 <frame SRC="https://www.verisign.com">
 <frame SRC="http://www.verisign.com" NAME="home">

 </frameset>
 </head>
 <body>
 </body>
 </html>

Right clicking on a frame and viewing frame info does not show the security tab
is as designed.

Comment 3

[John Unruh]

Verified.

Comment 4

[Christopher Aillon (sabbatical, not receiving bugmail)]

*** Bug 224770 has been marked as a duplicate of this bug. ***