Closed
Bug 280461
Opened 20 years ago
Closed 20 years ago
unsecured page appears encrypted after going to an ssl site that causes redirection limit exceeded error
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 268483
People
(Reporter: marcus, Assigned: darin.moz)
References
()
Details
(Whiteboard: [sg:fix])
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050104 Firefox/1.0
Build Identifier: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050104 Firefox/1.0
The indicators that the current page is encrypted with ssl are turned on on an
unsecured page under certain circumstances.
Reproducible: Always
Steps to Reproduce:
1. Go to an unsecured page
2. Go to a ssl-enabled site that causes redirection limit exceeded error
3. Observe that the URL bar is yellow and padlock icons are lit, while
displaying unsecured page.
Actual Results:
The URL bar displays the URL of the unencrypted site, the unencrypted site is
displayed, but the ssl-excured page indicators are lit up.
Expected Results:
The ssl-encrypted page indicators should not be displayed under these circumstances.
Comment 1•20 years ago
|
||
Confirming, moving to Core.
Updated•20 years ago
|
Flags: blocking1.7.6?
Flags: blocking-aviary1.0.1?
Comment 3•20 years ago
|
||
+ for 1.0.1
Flags: blocking1.8b+
Flags: blocking-aviary1.0.1?
Flags: blocking-aviary1.0.1+
Assignee | ||
Comment 5•20 years ago
|
||
This may be a duplicate of bug 268483. A redirection limit exceeded error is
reported by necko in the same way as a connection failure, and the fix for bug
268483 may very well have solved this bug too.
Assignee | ||
Comment 6•20 years ago
|
||
After some testing, I determined that this is indeed a duplicate.
My test consisted of setting up an Apache server with a CGI script that
redirects infinitely to itself. I then setup a HTML page that links to the CGI
script. I hosted the HTML page on a http:// link and the CGI script on a
https:// link. In firefox 1.0, I can reproduce the problem, but with a recent
aviary 1.0.1 branch build, the problem does not exist. Therefore, I conclude
that this is a dupe.
*** This bug has been marked as a duplicate of 268483 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Updated•20 years ago
|
Flags: blocking1.8b+
Flags: blocking1.7.6+
Flags: blocking-aviary1.0.1+
Updated•20 years ago
|
Group: security
You need to log in
before you can comment on or make changes to this bug.
Description
•