User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:188.8.131.52) Gecko/20060917 Firefox/184.108.40.206 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:220.127.116.11) Gecko/20060917 Firefox/18.104.22.168 When you downloading CRL over SSL (https) the SSL lock icon is left on the screen, even though the web page is not using SSL. Reproducible: Always Steps to Reproduce: 1. Install the Root CA certificate from my page http://raapr.org/ca/ 2. download the CRL from the same page - the CRL is located on https://home.raapr.org/~ca/raapr_root.crl 3. You see the LOCK ICON on http://raapr.org/ca/ Actual Results: You see the LOCK ICON on http://raapr.org/ca/ even though the page is not encrypted Expected Results: no lock icon showing as the page is not encrypted I have not verified if this happens for other downloads (besides CRL) but probably it will... This might also lead to an exploit which makes the user believe that the viewed page is encrypted. I have not tested this on Windows version.
tried today with Windows version and same happens with it too.
Version: unspecified → 1.5.0.x Branch
Reporter, do you still see this problem with the latest Firefox 2? If not, can you please close this bug as WORKSFORME. Thanks!
Whiteboard: CLOSEME 07/09
seems to have been corrected in Firefox 22.214.171.124
Status: UNCONFIRMED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.