spurious security warning when following link to a section within the current secure page

RESOLVED WORKSFORME

Status

SeaMonkey
Security
RESOLVED WORKSFORME
13 years ago
13 years ago

People

(Reporter: lvm, Assigned: dveditz)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

13 years ago
User-Agent:       Mozilla/5.0 (OS/2; U; Warp 3; en-US; rv:1.8b) Gecko/20050301
Build Identifier: Mozilla/5.0 (OS/2; U; Warp 3; en-US; rv:1.8b) Gecko/20050301

Prerequisites: SSL warining 'Leaving a page that supports encryption' must be on.

Note: although the urls listed in the 'Steps to reproduce' section are real, I
cannot provide you with the login information, so you will have to test it
somewhere else unless you have an MTS account and know some russian. Sorry.

When a link to a section within the current secure (https) page is followed, a
spurious security message is displayed. Following the same link from some other
page on the same secure server does not generate this warning.


Reproducible: Always

Steps to Reproduce:
1. Go to 'https://www.mts.ru/cgi-bin/cgi.exe?function=is_chservice'
2. Click on a 'link leading to 'href="cgi.exe?function=is_chservice#discount"'.
(actual link is called 'Получение скидок 15% и 50%' - in russian)


Actual Results:  
Mozilla follows the link, then security warning 'You are about to leave an
encrypted page...' pops up.


Expected Results:  
Warinig should not be displayed
(Reporter)

Comment 1

13 years ago
Immediately after submitting this bug I've thought an easier way to reproduce it
than bying an MTS account:

1. Go to https://bugzilla.mozilla.org/page.cgi?id=fields.html#new
2. Go to https://bugzilla.mozilla.org/page.cgi?id=fields.html#resolution - no
links there, just type in the page address field - same page, different section.
3. Spurious security warning pops up

Comment 2

13 years ago
Reproducible with Mozilla 1.8b1 but WFM with Deer Park a1 and Mozilla
1.8b2/20050613, related to Core bug 283733?

Updated

13 years ago
Version: unspecified → Trunk

Comment 3

13 years ago
Yes, WFM in current OS/2 nightly. lvm, if you can reproduce in a new build,
please reopen.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.