Closed
Bug 349208
Opened 18 years ago
Closed 18 years ago
Secure icon shown on pages with insecure content
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 349209
People
(Reporter: bugzilla, Assigned: dveditz)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b2) Gecko/20060818 BonEcho/2.0b2 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b2) Gecko/20060818 BonEcho/2.0b2 The secure-site icon is appearing for websites and can be "bypassed" if necessary as well. If you navigate to the website in my URL field you can login Reproducible: Always Steps to Reproduce: 1. navigate to the website in the URL field 2. login 3. refresh the page, then head to http://webmail.optonline.net again (make sure cookies are enabled "save session" is ticked off when you log into the website) Actual Results: upon refresh/login the site will display a secure logo instead. Expected Results: The secure site icon should be consistent with what is discovered by the browser. It should not change it's mind after refreshing the mail page itself. If it is true that the mail-server itself has a secure certificate, then the browser should have loaded the new certificate anyways and the icon should be adopted the new secure appearance. If someone cannot be found who does not have an account with Optimum Online, I'll be more than happy to provide you with an e-mail address so that it can be tested out. I have marked this as a security problem for only one reason. I do not know much about the inner-workings of FireFox on this end and as such, I do not know how this type of problem might/might-not be used against someone. Thanks to Dave Townsend for helping me write this long winded bug report :-)
Comment 1•18 years ago
|
||
*** This bug has been marked as a duplicate of 349209 ***
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•