User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040615 Firefox/0.9 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040615 Firefox/0.9 Firefox will switch between a secure website and a non-secure website without warning. Reproducible: Always Steps to Reproduce: 1. Go to https://www.mail2web.com/ 2. After the page has loaded, enter http://www.cnn.com/ in the Location bar A warning will appear as the insecure site loads in the background. Wait a moment. The warning says "You are about to leave an encrypted page.." You have two options: 1. Do not press OK. You don't want to leave the secure site. 2. Don't press OK - you're not happy with leaving a secure site. There is no Cancel button. Close the warning box. Expected Results: Two improvements: 1. Do not load the insecure site until the user has chosen what they want to do. 2. Add a "Cancel" button to the warning dialog.
Summary: Security: Firefox switches between secure and insecure sites without warning → Security: Firefox switches between secure and insecure sites without useful warning
The notice is just a notification. In the case you suggested, clearly the user wants to go to www.cnn.com, so it is just informing the user that www.cnn.com is insecure. Adding a Cancel button would just present an unnessary choice to the user. Wontfixing. Feel free to reopen if you can provide us with a good case for why these changes would be useful, and maybe someone higher up the food chain will decide to do this.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → WONTFIX
> clearly the user wants to go to www.cnn.com Not always true. You'll get the same behaviour if the website decides to send you to an insecure site. Try logging in to www.hotmail.com
Status: RESOLVED → UNCONFIRMED
Resolution: WONTFIX → ---
I second the original request. When I'm on public WLAN I try to use https in order to keep my session/passwords safe and uncompromised. Then I get to a section of the site or click on a link that is insecure - and Firefox warns me about it, very cool! But what to do next? Basically, I have to abandon the browser window to continue surfing, because right now there are no other options. A "cancel" button would go a LONG way!
Does this mean this bug is finally going to be fixed? I laugh every time I see Firefox touting itself as "the most secure browser." This bug makes it the most *insecure* browser!
This dialog no longer appears following the STR in comment 0 - the secure connection data to the left of the URL bar is sufficient to convey the status of the connection to the user.
Status: NEW → RESOLVED
Last Resolved: 15 years ago → 6 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.