Closed Bug 681923 Opened 14 years ago Closed 14 years ago

Incorrect SSL Security Shown (compared to IE)

Categories

(Firefox :: Address Bar, defect)

Product:
Firefox
Component:
Address Bar
Version:
6 Branch
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: nigelh747, Unassigned)

References

(
URL
)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0) Gecko/20100101 Firefox/6.0 Build ID: 20110811165603 Steps to reproduce: I went to the site of Bank of America https://sitekey.bankofamerica.com/sas/signonScreen.do?state=MN Actual results: The toolbar did not highlight any colors - it uses an enhanced verified certificate! Expected results: It should have been highlighted in Green in IE as Microsoft does
This works for me with 32bit builds on Windows XP 32 bit and Windows Vista 64 bit and Mac OS X 10.5. Go to Firefox -> Help -> Restart with Add-ons Disabled and see if it is still not highlighting in green.
Hi Bob Just repeated test as yours - somehow cycling with and without addons has cleared this up. Something is buggy - but suppose its working Happy to close if you are
Nigel, if you could go to Firefox->Help->Troubleshooting information, then click Copy all to clipboard and then paste the results here that might help us today or perhaps someone later if we see the same extensions with similar problems.
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → WORKSFORME
Application Basics Name Firefox Version 6.0 User Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0) Gecko/20100101 Firefox/6.0 Profile Directory Open Containing Folder Enabled Plugins about:plugins Build Configuration about:buildconfig Extensions Name Version Enabled ID Adblock Plus 1.3.9 true {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Beef Taco (Targeted Advertising Cookie Opt-Out) 1.3.6 true john@velvetcache.org BetterPrivacy 1.67 true {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} Bookmark Favicon Changer 1.52 true bookmarkfaviconchanger@sonthakit British English Dictionary 1.19.1 true en-GB@dictionaries.addons.mozilla.org Clear Cache Button 0.9f true {563e4790-7e70-11da-a72b-0800200c9a66} Configuration Mania 1.14.2011080101 true {c4d362ec-1cff-4ca0-9031-99a8fad7995a} Download Statusbar 0.9.8 true {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} Extension List Dumper 1.15.2 true extensionlistdumper@sogame.cat Google Analytics Opt-out Browser Add-on 0.9.4 true {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65} HTML5 Extension for Windows Media Player Plug-in 1.0.3 true jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack Menu Editor 1.2.7 true {EDA7B1D7-F793-4e03-B074-E6F303317FB0} NewTabURL 2.2.3 true newtaburl@sogame.cat ReloadEvery 6.0.0 true {888d99e7-e8b5-46a3-851e-1ec45da1e644} Saved Password Editor 2.2.1 true savedpasswordeditor@daniel.dawson Undo Closed Tabs Button 3.7.1 true undoclosedtabsbutton@supernova00.biz Wallflower 1.0 true jid1-uB4sJEPvR2m4QQ@jetpack avast! WebRep 6.0.1203 false wrc@avast.com Java Console 6.0.26 false {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} Modified Preferences Name Value accessibility.typeaheadfind.flashBar 0 browser.places.smartBookmarksVersion 2 browser.startup.homepage www.google.co.uk browser.startup.homepage_override.buildID 20110811165603 browser.startup.homepage_override.mstone rv:6.0 extensions.lastAppVersion 6.0 network.cookie.prefsMigrated true places.database.lastMaintenance 1314286379 places.history.enabled false places.history.expiration.transient_current_max_pages 128822 print.print_printer CutePDF Writer print.printer_CutePDF_Writer.print_bgcolor false print.printer_CutePDF_Writer.print_bgimages false print.printer_CutePDF_Writer.print_command print.printer_CutePDF_Writer.print_downloadfonts false print.printer_CutePDF_Writer.print_edge_bottom 0 print.printer_CutePDF_Writer.print_edge_left 0 print.printer_CutePDF_Writer.print_edge_right 0 print.printer_CutePDF_Writer.print_edge_top 0 print.printer_CutePDF_Writer.print_evenpages true print.printer_CutePDF_Writer.print_footercenter print.printer_CutePDF_Writer.print_footerleft &PT print.printer_CutePDF_Writer.print_footerright &D print.printer_CutePDF_Writer.print_headercenter print.printer_CutePDF_Writer.print_headerleft &T print.printer_CutePDF_Writer.print_headerright &U print.printer_CutePDF_Writer.print_in_color true print.printer_CutePDF_Writer.print_margin_bottom 0.5 print.printer_CutePDF_Writer.print_margin_left 0.5 print.printer_CutePDF_Writer.print_margin_right 0.5 print.printer_CutePDF_Writer.print_margin_top 0.5 print.printer_CutePDF_Writer.print_oddpages true print.printer_CutePDF_Writer.print_orientation 0 print.printer_CutePDF_Writer.print_page_delay 50 print.printer_CutePDF_Writer.print_paper_data 9 print.printer_CutePDF_Writer.print_paper_height 11.00 print.printer_CutePDF_Writer.print_paper_size_type 0 print.printer_CutePDF_Writer.print_paper_size_unit 1 print.printer_CutePDF_Writer.print_paper_width 8.50 print.printer_CutePDF_Writer.print_reversed false print.printer_CutePDF_Writer.print_scaling 1.00 print.printer_CutePDF_Writer.print_shrink_to_fit true print.printer_CutePDF_Writer.print_to_file false print.printer_CutePDF_Writer.print_unwriteable_margin_bottom 0 print.printer_CutePDF_Writer.print_unwriteable_margin_left 0 print.printer_CutePDF_Writer.print_unwriteable_margin_right 0 print.printer_CutePDF_Writer.print_unwriteable_margin_top 0 print.printer_Microsoft_XPS_Document_Writer.print_bgcolor false print.printer_Microsoft_XPS_Document_Writer.print_bgimages false print.printer_Microsoft_XPS_Document_Writer.print_command print.printer_Microsoft_XPS_Document_Writer.print_downloadfonts false print.printer_Microsoft_XPS_Document_Writer.print_edge_bottom 0 print.printer_Microsoft_XPS_Document_Writer.print_edge_left 0 print.printer_Microsoft_XPS_Document_Writer.print_edge_right 0 print.printer_Microsoft_XPS_Document_Writer.print_edge_top 0 print.printer_Microsoft_XPS_Document_Writer.print_evenpages true print.printer_Microsoft_XPS_Document_Writer.print_footercenter print.printer_Microsoft_XPS_Document_Writer.print_footerleft &PT print.printer_Microsoft_XPS_Document_Writer.print_footerright &D print.printer_Microsoft_XPS_Document_Writer.print_headercenter print.printer_Microsoft_XPS_Document_Writer.print_headerleft &T print.printer_Microsoft_XPS_Document_Writer.print_headerright &U print.printer_Microsoft_XPS_Document_Writer.print_in_color true print.printer_Microsoft_XPS_Document_Writer.print_margin_bottom 0.5 print.printer_Microsoft_XPS_Document_Writer.print_margin_left 0.5 print.printer_Microsoft_XPS_Document_Writer.print_margin_right 0.5 print.printer_Microsoft_XPS_Document_Writer.print_margin_top 0.5 print.printer_Microsoft_XPS_Document_Writer.print_oddpages true print.printer_Microsoft_XPS_Document_Writer.print_orientation 0 print.printer_Microsoft_XPS_Document_Writer.print_page_delay 50 print.printer_Microsoft_XPS_Document_Writer.print_paper_data 9 print.printer_Microsoft_XPS_Document_Writer.print_paper_height 11.00 print.printer_Microsoft_XPS_Document_Writer.print_paper_size_type 0 print.printer_Microsoft_XPS_Document_Writer.print_paper_size_unit 1 print.printer_Microsoft_XPS_Document_Writer.print_paper_width 8.50 print.printer_Microsoft_XPS_Document_Writer.print_reversed false print.printer_Microsoft_XPS_Document_Writer.print_scaling 1.00 print.printer_Microsoft_XPS_Document_Writer.print_shrink_to_fit true print.printer_Microsoft_XPS_Document_Writer.print_to_file false print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_bottom 0 print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_left 0 print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_right 0 print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_top 0 privacy.clearOnShutdown.cookies false privacy.donottrackheader.enabled true privacy.sanitize.migrateFx3Prefs true privacy.sanitize.sanitizeOnShutdown true security.password_lifetime 15 security.warn_viewing_mixed false Graphics Adapter Description ATI Radeon HD 4550 Vendor ID 1002 Device ID 9540 Adapter RAM 512 Adapter Drivers aticfx64 aticfx64 aticfx32 aticfx32 atiumd64 atidxx64 atiumdag atidxx32 atiumdva atiumd6a atitmm64 Driver Version 8.881.0.0 Driver Date 7-28-2011 Direct2D Enabled true DirectWrite Enabled true (6.1.7601.17563) ClearType Parameters ClearType parameters not found WebGL Renderer Google Inc. -- ANGLE -- OpenGL ES 2.0 (ANGLE 0.0.0.686) GPU Accelerated Windows 1/1 Direct3D 10
Another issue with the toolbar is that with Firefox 6 you have made the colors pastel - but there are several bugs open about that
yeah, we're not going to argue color in bugs. Debate the design team in the newsgroups they read (mozilla.dev.usability I think?) or on IRC. "Green" certs can turn "Blue" if there's a problem getting a response from the Certificate Authority's OCSP (revocation) server. If we can't validate that the certificate has not been revoked then we downgrade it from EV to "normal" SSL. The color going away entirely generally means some content on the page was loaded insecurely. Often it's an image which is not a huge problem (although in the case of the sitekey site, if it were the sitekey itself that might be an issue) but it could also be an advertising or analytics script. Unlikely to be advertising on a bank of course, I'm speaking in general. The purpose of some add-ons is to create "mash-ups" or otherwise add content to your web sites, and if they're not carefully done they might add insecure content to SSL pages that will trigger "mixed-mode" which we currently indicate by removing the color. Personally I'd prefer calling more attention to that state, but that, too, is an argument for another bug. The fact that it started working correctly when you disabled your add-ons is consistent with an add-on that inserts content into pages, but most of your add-ons are about --blocking-- content. I don't know what "Wallflower" is. I can imagine "avast! WebRep" might be inserting indications somewhere on the page (if not in the UI) but it would be pretty incompetent for security software to be breaking the security on a bank site.
Thanks - would think that the issue was getting answers from the revocation certificate however Avast WebRep is disabled - due to Avast being weeks being Firefox and resetting the version of their software to stop it working with Firefox 6. Wallflower comes from Deitrich Ayala one of the developers - who wrote I was looking at about:memory and noticed entries for Facebook and Google+ URLs, even though I didn’t have either open. I figured they were probably from the social buttonry that decorates the web these days. No big deal… except they were taking up a bunch of memory! The Facebook button was using over 20mb and the Google+ button was taking over 40mb! I have never clicked either of these buttons. So I wrote Wallflower, a simple Firefox add-on (restartless of course) that removes these buttons from any page your browse to, saving your precious memory, CPU and battery life for the content you actually want. (http://autonome.wordpress.com/author/autonome/)
You need to log in before you can comment on or make changes to this bug.