Closed Bug 488527 Opened 16 years ago Closed 16 years ago

Website: https://personas.services.mozilla.com/signin?return=/upload contains insecure information

Categories

(Mozilla Labs Graveyard :: Personas Plus, enhancement)

Product:
Mozilla Labs Graveyard
Component:
Personas Plus
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: myk, Assigned: telliott)

Details

When I load https://personas.services.mozilla.com/signin?return=/upload, Firefox warns me: You have requested an encrypted page that contains some unencrypted information. Information that you see or enter on this page could easily be read by a third party. That message only appears if you have Preferences > Security > Warning Messages > Settings > "Show a warning dialog when:" > "I am about to view an encrypted page that contains some unencrypted information" checked. Nevertheless, that preference is checked by default, so users will see this if they haven't encountered this problem before (or have specified that they always want to be notified about it). Also, other parts of the Firefox interface warn users about a security problem with the site: the lock icon in Firefox has an exclamation point on it, its tooltip warns "contains unauthenticated content", the Page Info > Security tab says the page was only "partially encrypted", and Larry says the page is not encrypted at all! All that makes the site look less secure than it is, presuming that it's just images we're hosting without SSL. We should host everything linked from personas.services.mozilla.com pages with SSL so users don't think the site is insecure.
Assignee: cbeard → telliott
Severity: normal → enhancement
Should no longer be an issue on www.getpersonas.com, and personas.services will be going away soon.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Product: Mozilla Labs → Mozilla Labs Graveyard
You need to log in before you can comment on or make changes to this bug.