User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312 dataloss caused by or related to Security Warning popup alert - you are about to leave an encyrypted page ... Even though compose screen is well-coded to prevent it, webmail being composed (or other filled in form data) is lost; 'back' doesn't work right. Reproducible: Always Steps to Reproduce: 1.In Mozilla the browser, start composing an email (in general filling in a form) in a web page with a secure, non-expiring webmail compose screen (in this case a fastmail.fm account was used; you can get a free guest account there for testing purposes; login securely) 2.Start doing something else, and click on a http URL link (in this case in an email in MozillaMail) and the link opens in the Mozilla browser window - the same one where you were composing an email. Fastmail has coded the page such that normally, you can press 'back' (e.g. if you press send and it fails, so you hit 'back' to retry), you are taken back to where you were- you don't lose the draft of the email. Therefore, expect to be able to continue editing your email. Actual Results: A popup appears (per my preferences; this is the default): a <Security Warning: you are about to leave an encyrypted page ...> alert comes up, and whatever I do, the unsent mail is lost. This does not happen if the link I click on is to another secure page – pressing back works. (e.g https://www.cardscan.net/o/log.asp?code=902&url=optout.asp%3FID%3D983VKGCAAncnEV5Nly1Dec3W7g=%26t%3D1 (Sorry if this is a dupe; I did search! Searching: keyword dataloss; title: secur* or encryp*...) Expected Results: 1. 'Cancel' or closing (X-ing) the window should have cancelled the load of the page _and_ brought me back to the partly composed email. 2. Back should bring me back to the partly composed email. If I disable "Leaving a page that supports encryption" SSL warning, this problem does not occur. I would guess that the problem also occurs if going from http compose page to a https url, if there is an SSL Warning popup. (vs. from https to http; Not tested.)
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: Browser → PSM
QA Contact: carosendahl → bmartin
Version: Trunk → 2.4
Sounds bad. But the workaround is not not simply click on links in the email window while you have important content in some browser window. Instead, use the right click popup menu and choose open in a new window/tab,
Changing Summary from: form field dataloss ONLY caused by or related to Opening insecure http url *after* a https page and getting Security Warning popup alert - you are about to leave an encyrypted page ... to Leaving encrypted page warning clears browser form content
Summary: form field dataloss ONLY caused by or related to Opening insecure http url *after* a https page and getting Security Warning popup alert - you are about to leave an encyrypted page ... → Leaving encrypted page warning clears browser form content
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody
This worksforme with linux seamonkey trunk build 2005111601 and 1.0a, even with bfcache disabled.
Kai: what were you trying to say? "...is not not simply..."? Tabs..Open links from other application in... must be set to: "the most recent tab/window" to get hit by the bug. Also, security.warn_leaving_secure and security.warn_entering_secure should both be true. Hmm. I'm not able to reproduce w/Tbird 1.5 on MacOS 10.4.2. I'll check the platform (XP) where I initially hit the bug.
I think two years ago I was trying to say: "But the workaround is to simply not click" which of course is not a real solution, just answering your question.
Bug 799009 removed these popups/prompts.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WORKSFORME
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.