Closed Bug 50931 Opened 24 years ago Closed 24 years ago

Mac-Security Warnings are blank

Categories

(Core Graveyard :: Security: UI, defect, P3)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
PowerPC
Other
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: junruh, Assigned: javi)

References

(
URL
)

Details

(Whiteboard: [nsbeta3-][dogfood+][rtm-][PDTP3] relnote-user) 

1.) Visit a site with an untrusted CA or a non-matching cert name like 
https://www.kmart.com/
What happens: A blank window appears the size of a New Web Site Cert window, and 
I cannot proceed.
Assignee: ddrinan → javi
Assign all Mac PSM bugs to me.
Adding nsbeta3 keyword.
Keywords: nsbeta3
This sounds like a regression in the way Mozilla handles some JS events again 
since we changed nothing about UI on the mac yesterday.
This sounds bad.  marking Nsbeta3+
Whiteboard: [nsbeta3+]
This could be a duplicate of bug 32327.

Does the problem go away if all the plug-ins are moved out of the Plugins folder before 
launching Mozilla?
Do other XUL dialogs work?
Do native dialogs (eg. Print) work?
Is ATM Deluxe installed?
Blocks: 42916
I'm not seeing this.  The name mis-match dialog came up and I clicked through 
it.  Are you still seeing this junruh?
I'm still seeing this. It's not consistent, and you may need to try two new 
untrusted web sites in a row, or restart Netscape 6 and try a new untrusted web 
site. This happened to me on the second window on the first site I tried with 
the 9/6 commercial build. In a minute or so, I see "The operation timed out when 
attempting to contact oldmonk.red.iplanet.com.
Blocks: 48444
This is the compressed mac binary, not the installer version.
Severity: normal → major
Priority: P3 → P2
Summary: Mac-Security Pop-up windows are blank → Mac.sea.bin-Security Pop-up windows are blank
Assuming difficulty to reproduce, inconsistent, and doesn't happen with the 
installed version, PDT thinks this is P3.
Priority: P2 → P3
Whiteboard: [nsbeta3+] → [nsbeta3+][PDTP3]
Problem is that for some reason PSM tries to pop up a window for mis-matching 
names with every single connection that comes up.  On windows, you get an 
endless number of windows asking you to go on or cancel.  The Mac can't seem to 
handle all of those UI events and hangs.
Adding dogfood keyword.
Keywords: dogfood
Summary: Mac.sea.bin-Security Pop-up windows are blank → Mac-Security Pop-up windows are blank
junruh - do you get this problem with using the installed version?  If so, we
need to raise the priority of this.

Yes, the installed version. This makes getting certs and client auth impossible. 
This should really be fixed, and it worked in PR2.
This blocks SSL usage on enough sites (from the description) that I'm marking it
dogfood-plus.
I suspect that the fix is not going to make today's freeze... and unless there
are sudden comments, this should be changed to beta3-minus.
I also went and double-plussed this for RTM
Keywords: rtm
Whiteboard: [nsbeta3+][PDTP3] → [nsbeta3+][dogfood+][rtm++][PDTP3]
*** Bug 54572 has been marked as a duplicate of this bug. ***
Release noted - "Visiting a secure site with an untrusted Certificate Authority, 
or an expired or mis-matched certificate can bring up a blank dialog box."
Keywords: relnote3
Blocks: 49496
this is still happening with the PR3 build.  And, contrary to the release note, 

happens for sites that are signed by public CAs.  Example is accessing an SSL/

IMAP server (obob).  The UI comes up to ask me which cert to present, but there 

is no content in the dialog box.



Once this happens, the only fix is to quit N6 and restart.  It also affects 

client-auth websites that are signed by public CAs.  Again, the fix is to quit 

the browser and try again.  So its hard to know when the bug will happen again 

but it happen several times a day for me.


I just got this problem again.  I was sending an email message and obob wanted
to client-auth my SMTP connection.  The UI popped up and I saw a blank dialog.

I did a "view source" on the PSM dialog and saw this:
<html><body></body></html>

If that's the case, then Mozilla is displaying the wrong content in the window 

because that content gets returned for a request that looks like 

http://.../get?baseRef=blank



We only return that as the content for one of the frames in a frameset.  Does 

Mozilla require the <head>...</head> tag to be included?


What is happening with this bug?  No comment for a while... it is marked
dogfood, and we surely want it in RTM if it is safe enough.
Status??
Whiteboard: [nsbeta3+][dogfood+][rtm++][PDTP3] → [nsbeta3-][dogfood+][rtm need info][PDTP3]
This is a blocker bug and needs to be fixed for RTM. A Mac user cannot get 
certs, visit a site with a non-matching cert name or an expired cert, or encrypt 
stored passwords because a blank window appears, and the user cannot continue.
OS: All
Marking relnote-user in case this doesn't get fixed for RTM (which it should 
really be).

Gerv
Whiteboard: [nsbeta3-][dogfood+][rtm need info][PDTP3] → [nsbeta3-][dogfood+][rtm need info][PDTP3] relnote-user
Could this be yet another side effect of bug 55838?
Summary: Mac-Security Pop-up windows are blank → javi@netscape.com
-> [rtm-]
Whiteboard: [nsbeta3-][dogfood+][rtm need info][PDTP3] relnote-user → [nsbeta3-][dogfood+][rtm-][PDTP3] relnote-user
Why was the subject changed to my e-mail address?
Setting summary to what it originally was - "Mac-Security Warnings are blank"
This should not be rtm-. This makes the Mac nearly useless in many situations.
Summary: javi@netscape.com → Mac-Security Warnings are blank
*** Bug 58115 has been marked as a duplicate of this bug. ***
Fixed in the 10/29 MN6 Mac commercial build.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Verified with the 10/29 MN6 commercial Mac build.
Status: RESOLVED → VERIFIED
Mass changing Security:Crypto to PSM
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.1
Mass changing Security:Crypto to PSM
OS: All → other
Product: PSM → Core
Version: psm2.1 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.