Closed Bug 247872 Opened 19 years ago Closed 17 years ago

Add secure site notification to pages that post to secure address

Categories

(Core Graveyard :: Security: UI, enhancement)

enhancement
Not set
normal

Tracking

(Not tracked)

VERIFIED WONTFIX

People

(Reporter: beerfan, Assigned: KaiE)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040614 Firefox/0.9
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040614 Firefox/0.9

This may be an unreasonable request but it would be desirable to have
notification if a form will be submitted to a secure URL even though the form is
not secure. It is often that a form like a login form is not secure but posts to
a secure URL and having notification of this would help to ease the users mind.

A possible pitfall with this feature is that when multiple forms are used on a
page, one could be secure (possibly a trojan form or perhaps just another form)
while others are not. A workaround could be to only display the notification if
_all_ forms on the page post to secure URLs, or perhaps if there is only a
single form on the page.

Reproducible: Always
Steps to Reproduce:
Not sure if this is a dup or not.

What we should do is this:

A form on a secured page must submit to the same server as shown in the URL
bar.... or a very serious dialog appears.

This gets rid of frames as a workaround to mask who it really is your sending
data too.
leave this UNCO ?
This is an automated message, with ID "auto-resolve01".

This bug has had no comments for a long time. Statistically, we have found that
bug reports that have not been confirmed by a second user after three months are
highly unlikely to be the source of a fix to the code.

While your input is very important to us, our resources are limited and so we
are asking for your help in focussing our efforts. If you can still reproduce
this problem in the latest version of the product (see below for how to obtain a
copy) or, for feature requests, if it's not present in the latest version and
you still believe we should implement it, please visit the URL of this bug
(given at the top of this mail) and add a comment to that effect, giving more
reproduction information if you have it.

If it is not a problem any longer, you need take no action. If this bug is not
changed in any way in the next two weeks, it will be automatically resolved.
Thank you for your help in this matter.

The latest beta releases can be obtained from:
Firefox:     http://www.mozilla.org/projects/firefox/
Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html
Seamonkey:   http://www.mozilla.org/projects/seamonkey/
isn't this a security bug ?
Jesse, you know a dupe of this ?
I don't know whether this is a dup of the top of my head.  I was about to
WONTFIX this for reasons given in
http://www.squarefree.com/2005/05/28/banks-and-https/, but Robert Accettura's
idea in comment 1 is interesting.
Assignee: firefox → kaie.bugs
Component: General → Security: UI
Product: Firefox → Core
QA Contact: general
Version: unspecified → Trunk
Robert's comment 1 seems almost the opposite of this bug. At least as I read it,
he's saying that on a secure page, the forms must submit back to the server in
the url bar (even, or especially, for child frames). Interesting idea, probably
breaks too much of the web-as-it-is, but in any case needs its own bug. Too big
a morph from this one.

Jesse's interpretation seems to be that on a NON SSL page, a form that submits
securely back to the visible host might be allowed without a warning. I dunno,
that only encourages them. And in lots of current cases that won't make the
warning go away because they use different hosts for logging in (e.g.
https://login.yahoo.com vs mail.yahoo.com and so on with the login form).

Maybe a separate bug from this one if you think it's worth persuing. This one
I'd like to go on record as WONTFIX as a popular but very bad idea.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → WONTFIX
Dan read my mind correctly :)
Status: RESOLVED → VERIFIED
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.