Open Bug 489167 Opened 14 years ago Updated 6 months ago
Firefox erroneously reports connection partially encrypted on page with empty href attribute in link tag
(Firefox :: Security, defect)
(Reporter: steen, Unassigned)
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; da; rv:22.214.171.124) Gecko/2009032609 Firefox/3.0.8 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; da; rv:126.96.36.199) Gecko/2009032609 Firefox/3.0.8 On an https connection, a visit to a page containing the HTML tag <link rel="stylesheet" type="text/css" href="" /> will trig a security error popup stating that elements on the web page are not encrypted. The pad lock image is broken, and the details reports, that the connection is only partially encrypted. Reproducible: Always Steps to Reproduce: 1. Put the HTML tag <link rel="stylesheet" type="text/css" href="" /> into an HTML page. 2. View the page over an https connection. 3. You should get the security warning. Actual Results: I get a security warning. Expected Results: There should be no security warning, since including the stylesheet with the filename "" is not a security risk.
14 years ago
this may be related. Using FF/3.5.3 to get a frameset over an HTTPS connection. One of the frames in the frameset has a "src" attribute with a value of "about:blank". FF reports the frameset page as "partially encrypted" BJ
6 months ago
Severity: minor → S4
You need to log in before you can comment on or make changes to this bug.