Closed
Bug 280461
Opened 20 years ago
Closed 20 years ago
unsecured page appears encrypted after going to an ssl site that causes redirection limit exceeded error
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 268483
People
(Reporter: marcus, Assigned: darin.moz)
References
()
Details
(Whiteboard: [sg:fix])
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050104 Firefox/1.0 Build Identifier: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050104 Firefox/1.0 The indicators that the current page is encrypted with ssl are turned on on an unsecured page under certain circumstances. Reproducible: Always Steps to Reproduce: 1. Go to an unsecured page 2. Go to a ssl-enabled site that causes redirection limit exceeded error 3. Observe that the URL bar is yellow and padlock icons are lit, while displaying unsecured page. Actual Results: The URL bar displays the URL of the unencrypted site, the unencrypted site is displayed, but the ssl-excured page indicators are lit up. Expected Results: The ssl-encrypted page indicators should not be displayed under these circumstances.
Comment 1•20 years ago
|
||
Confirming, moving to Core.
Updated•20 years ago
|
Flags: blocking1.7.6?
Flags: blocking-aviary1.0.1?
Comment 3•20 years ago
|
||
+ for 1.0.1
Flags: blocking1.8b+
Flags: blocking-aviary1.0.1?
Flags: blocking-aviary1.0.1+
Assignee | ||
Comment 5•20 years ago
|
||
This may be a duplicate of bug 268483. A redirection limit exceeded error is reported by necko in the same way as a connection failure, and the fix for bug 268483 may very well have solved this bug too.
Assignee | ||
Comment 6•20 years ago
|
||
After some testing, I determined that this is indeed a duplicate. My test consisted of setting up an Apache server with a CGI script that redirects infinitely to itself. I then setup a HTML page that links to the CGI script. I hosted the HTML page on a http:// link and the CGI script on a https:// link. In firefox 1.0, I can reproduce the problem, but with a recent aviary 1.0.1 branch build, the problem does not exist. Therefore, I conclude that this is a dupe. *** This bug has been marked as a duplicate of 268483 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Updated•20 years ago
|
Flags: blocking1.8b+
Flags: blocking1.7.6+
Flags: blocking-aviary1.0.1+
Updated•20 years ago
|
Group: security
You need to log in
before you can comment on or make changes to this bug.
Description
•