Closed Bug 550580 Opened 14 years ago Closed 14 years ago

Similar, but not same bug as 477118: https webpage triggers a "Page contains unencrypted information" mixed content warning

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 506008

People

(Reporter: ovaalst, Unassigned)

References

(
URL
)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.9.2) Gecko/20100115 Firefox/3.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.9.2) Gecko/20100115 Firefox/3.6

A good example is the ebay.nl website. When you choose to login, the site becomes SSL encrypted.
While downloading the contents of this page the adress is already shown with https and with a "certification logo".
Before all of the page is loaded, sometimes, but frequently a warning comes: "Page contains unencrypted information", after clicking it away, the https is still in the adress bar, but the logo before it is gone.

You can however "fix it" manually to refresh (F5) the site and the page will almost always be shown in the right way: with "certication logo".

This is not a bug on Ebay only, I see this issue on a lot of sites but I choose Ebay as the example, because it happens quite frequently on that site. It also happens on this site, Bugzilla now and then.

Boris explained that the fundamental difference between this bug and bug 477118 is that this bug does not always shows it's behaviour.

This bug is not a recently introduced in Firefox. I have this since the firs version of 3.5.
It's a long time but, I long thought that bug 477118 would help.

Reproducible: Sometimes

Steps to Reproduce:
1. Browse to ebay.nl and press "Log in" on the upper side of the site.
2. 
3. 
Actual Results:  
Browser start with a SSL-session but before the content is completed to download, a warning comes: "Page contains unencrypted information" and the "SSL-logo / certification logo" is then gone.

Expected Results:  
Expected to see no warning and a normal SSL-encrypted page with the "certification logo"

It can be manually "fixed" to refresh (F5) the site. The site remains almost always encrypted now with the proper logo shown.
Summary: Similar, but not same bug as 477118 → Similar, but not same bug as 477118: https webpage triggers a "Page contains unencrypted information" mixed content warning
That login link has a tracker script attached to it that loads a web-bug image when you click on it.  The image is not https and loads in parallel with the new https page, so is considered as part of that page by us....  Honza, what's the existing bug number on that?

Whatever you're seeing with bugzilla is a different issue yet again, though.
I'm sorry for the confusion but I don't know how to filter these differences.
It's really not a problem.  No one is expecting you to; they're differences in the code and causes, not in the symptoms....
According to Boris'es description, this is bug 506008.
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.