Closed Bug 838359 Opened 8 years ago Closed 8 years ago

There's no obvious (to users) reason why we're showing yellow-triangle-with-exclamation-point vs. globe, for mixed-content sites

Categories

(Firefox :: Security, defect)

21 Branch
defect
Not set
normal

Tracking

()

VERIFIED FIXED
Firefox 21
Tracking Status
firefox20 --- unaffected
firefox21 + verified

People

(Reporter: dholbert, Assigned: tanvi)

References

(Blocks 1 open bug)

Details

(Keywords: regression)

Attachments

(3 files)

STR:
 1. Load these two URLs in different tabs or windows:
https://blog.mozilla.org/blog/2013/01/29/mozilla-firefox-flicks-global-video-competition-returns/
https://blog.mozilla.org/blog/2013/01/28/privacy-day-2013/

 2. Compare their favicons.

ACTUAL RESULTS:
 The flicks blog entry shows a yellow exclamation point favicon.
 The privacy day blog entry shows a globe favicon.

EXPECTED RESULTS: They should be consistent. (Both sites have mixed content, so it makes sense that they don't show a lock; but there's no clear reason why one should additionally show a scary exclamation sign and the other should not.)
Mozilla/5.0 (X11; Linux x86_64; rv:21.0) Gecko/20130205 Firefox/21.0
bsmith tells me (and looking at the neterror page confirms) that we show the exclamation point UI when we've got mixed _active_ content (e.g. scripts) whereas we show the globe if we've got mixed _display_ content (e.g. images).

So that explains the distinction.
So now that I understand comment 2 -- I think my only gripe here is that the current UI doesn't really help users learn what's going on.

As shown in the two screenshots I just attached, the warning popup is identical for globe vs. yellow-triangle.  (Both just say that the connection is "only partially encrypted".)  There's no extra information about what's extra-bad in the mixed _active_ content situation.
Summary: Exclamation point UI is inconsistently shown, for mixed-content sites → There's no obvious (to users) reason why we're showing yellow-triangle-with-exclamation-point vs. globe, for mixed-content sites
The problem is that we always change the icon to the triangle when we load mixed active content, even when mixed active content blocker is disabled. Instead, the icon should only be changed to a triangle when mixed active content blocker is enabled.
Assignee: nobody → tanvi
Blocks: 822371
Keywords: regression
(In reply to Brian Smith (:bsmith) from comment #7)
> The problem is that we always change the icon to the triangle when we
> load mixed active content, even when mixed active content blocker is
> disabled. Instead, the icon should only be changed to a triangle when mixed
> active content blocker is enabled.

The idea to put in the triangle icon predates mixed content blocking (see bug 747090).  The reason it wasn't done sooner was because we couldn't distinguish mixed script and mixed display.  It was put into nightly for all mixed content and then rolled back until such a time when we could show it for only mixed script.

I believe this is the ideal situation: the pref to block mixed active content would be turned on by default for all users and they would see the triangle icon if they disable protection.  If they (or an addon they install) go to about:config and change the pref and turn it off, they will still see the yellow triangle.

We may or may not get to this "ideal" for FF 21.  If we don't, we can discuss what to do.

If others have a different idea of what is ideal, please chime in and provide details.
(In reply to Tanvi Vyas [:tanvi] from comment #8)
> I believe this is the ideal situation: the pref to block mixed active
> content would be turned on by default for all users and they would see the
> triangle icon if they disable protection.  If they (or an addon they
> install) goes to about:config and changes the pref and turns it off, they
> will still see the yellow triangle.  

That sounds OK to me, as long as we have clearer distinction between the info panel for a mixed-active-content situation vs. a mixed-display-content situation (as noted at end of comment 5), so that users can tell why they're getting one icon vs. the other.
(s/users/users who have the pref turned off/ (which is currently all users, since the pref is off by default for now))
(In reply to Daniel Holbert [:dholbert] from comment #9)

> That sounds OK to me, as long as we have clearer distinction between the
> info panel for a mixed-active-content situation vs. a mixed-display-content
> situation (as noted at end of comment 5), so that users can tell why they're
> getting one icon vs. the other.

Yes, that will be in the Larry Menu. Here are the proposed strings as of now:

Case 1: Mixed Script - blocked and No Mixed Display
Icon: lock + shield
The connection to this page is secure. Only encrypted content is displayed.

Case 2: Mixed Script Blocked + Mixed Display
Icon: globe + shield
Interactive content (such as scripts) that isn't encrypted have been blocked for your protection.

Case 3: Mixed Script - enabled and No Mixed Display
Icon: warning
This page contains interactive content (such as scripts) that isn't encrypted. 
Others can view or modify the page's behavior.
<Block insecure content>

Case 4: Mixed Script Enabled + Mixed Display
Icon: Warning
This page contains interactive content (such as scripts) that isn't encrypted. 
Others can view or modify the page's behavior.
<Block insecure content>

Case 5: Mixed Display only
Icon: globe
The connection to this page is not fully secure because it contains unencrypted elements (such as images).
Depends on: 838402
(In reply to Tanvi Vyas [:tanvi] from comment #8)

> We may or may not get to this "ideal" for FF 21.  If we don't, we can
> discuss what to do.

I've noticed this too recently, sigh. I didn't realize how this changed the UI without the pref enabled.

I think it's important to not suddenly introduce the yellow-triangle icon to users without the associated shield/doorhanger UI. EG, if we don't enable the pref for 21 (or, worse, we do enable it but then disable it later on Aurora/Beta), users should never see the yellow-triangle.

I'm significantly less concerned about what happens in the future world where mixed-content is blocked by default, and users only see the icon if they've unblocked content via the doorhanger or flipping the pref.
OS: Linux → All
Hardware: x86_64 → All
Version: Trunk → 21 Branch
(In reply to Tanvi Vyas [:tanvi] from comment #8)
> We may or may not get to this "ideal" for FF 21.  If we don't, we can
> discuss what to do.

It sounds like we'll either land the changes in comment 11 before our 2/19 merge and consider enabling by default in FF21, or we'll revert to FF20's behavior with mixed content blocking disabled.
The pref isn't going to be turned on for FF 21, so we need to add a patch that shows the globe instead of the shield when security.mixed_content.block_active_content is set to false.

Something like this:

diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -6815,17 +6815,18 @@ var gIdentityHandler = {
     let nsIWebProgressListener = Ci.nsIWebProgressListener;
     if (location.protocol == "chrome:" || location.protocol == "about:") {
       this.setMode(this.IDENTITY_MODE_CHROMEUI);
     } else if (state & nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL) {
       this.setMode(this.IDENTITY_MODE_IDENTIFIED);
     } else if (state & nsIWebProgressListener.STATE_IS_SECURE) {
       this.setMode(this.IDENTITY_MODE_DOMAIN_VERIFIED);
     } else if (state & nsIWebProgressListener.STATE_IS_BROKEN) {
-      if (state & nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT) {
+      if ((state & nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT) &&
+          gPrefService.getBoolPref("security.mixed_content.block_active_content")) {
         this.setMode(this.IDENTITY_MODE_MIXED_ACTIVE_CONTENT);
       } else {
         this.setMode(this.IDENTITY_MODE_MIXED_CONTENT);
       }
     } else {
       this.setMode(this.IDENTITY_MODE_UNKNOWN);
     }
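Review bot: the added pref condition in the STATE_IS_BROKEN branch carries no comment, so a later reader will likely take the getBoolPref("security.mixed_content.block_active_content") check for a mistake; add a short comment stating that with the pref false a page that loaded mixed active content intentionally falls through to IDENTITY_MODE_MIXED_CONTENT. The mode is also computed from the pref value at the moment this handler runs, so it is worth confirming, and covering with a test for both pref values, that the icon and the pref cannot disagree for an already-loaded page after the pref is flipped.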
Note that I have not tested this yet.  I am working on bug 836951 and then will get back to this one.
Comment on attachment 714528 [details] [diff] [review]
Don't show triangle icon unless blocking of mixed active content is enabled v1

(In reply to Tanvi Vyas [:tanvi] from comment #15)
> Created attachment 714528 [details] [diff] [review]
> Don't show triangle icon unless blocking of mixed active content is enabled
> v1
> 
> Note that I have not tested this yet.  I am working on bug 836951 and then
> will get back to this one.

This looks good.  r? to Justin and will push to try.

We need to land before the merge on Tuesday, but given this is a one line change, I don't think that will be a problem.

Note that the pref is only checked if we do in fact have mixed content, so I don't think there will be a performance impact with checking the pref.
Attachment #714528 - Flags: review?(dolske)
Try looks good; now just waiting for review.
Attachment #714528 - Flags: review?(dolske) → review+
Thanks Justin!  Pushed to inbound: hg.mozilla.org/integration/mozilla-inbound/rev/87478d6bb849
https://hg.mozilla.org/mozilla-central/rev/87478d6bb849
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 21
Mozilla/5.0 (Windows NT 6.2; rv:22.0) Gecko/20130220 Firefox/22.0

With the mixed content prefs set to false (default) both sites now display the globe icon in Firefox Nightly:
- mixed active content site (https://blog.mozilla.org/blog/2013/01/29/mozilla-firefox-flicks-global-video-competition-returns/) 
- mixed display content site (https://blog.mozilla.org/blog/2013/01/28/privacy-day-2013/) displays the globe icon

The mixed display content site previously (Firefox <= F20) showed the lock icon. Is this intended now?
(In reply to Virgil Dicu [:virgil] [QA] from comment #21)
> Mozilla/5.0 (Windows NT 6.2; rv:22.0) Gecko/20130220 Firefox/22.0
> 
> With the mixed content prefs set to false (default) both sites now display
> the globe icon in Firefox Nightly:
> - mixed active content site
> (https://blog.mozilla.org/blog/2013/01/29/mozilla-firefox-flicks-global-
> video-competition-returns/) 
> - mixed display content site
> (https://blog.mozilla.org/blog/2013/01/28/privacy-day-2013/) displays the
> globe icon
> 
> The mixed display content site previously (Firefox <= F20) showed the lock
> icon. Is this intended now?

Mixed display has shown the globe icon for a while (not sure what FF version it started) and this won't change.

For Mixed Active Content, if the preference to block mixed active content is turned on, then the content will be blocked and the user will see the shield.  If they click on the shield and disable protection, they will see the triangle icon.

For Mixed Active Content, if the preference to block mixed active content is not turned on (which is the default right now), the user will see the globe.
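
The icon rules described in the comments above, as an added JavaScript example (not Firefox code and not part of the original bug comments): it scans sample HTML for `http://` subresources, sorts them into active and display content, and maps the result to the icon for a given pref state. The tag lists beyond scripts and images, the function names, the plain "lock" result for a page with no mixed content, and the sample markup are assumptions made for illustration.

```javascript
// Added example. Tags treated as active vs. display are an assumption beyond
// the bug's own examples ("scripts" and "images").
const ACTIVE_TAGS = new Set(["script", "iframe", "object", "embed", "link"]);
const DISPLAY_TAGS = new Set(["img", "audio", "video", "source"]);

// Return the http:// subresource URLs referenced by an https:// page's markup.
function findMixedContent(html) {
  const found = { active: [], display: [] };
  const tagRe = /<([a-zA-Z][a-zA-Z0-9]*)\b([^>]*)>/g;
  for (const [, rawName, attrs] of html.matchAll(tagRe)) {
    const name = rawName.toLowerCase();
    // Only real src/href/data attributes count; data-src and similar do not.
    const url = /(?:^|\s)(?:src|href|data)\s*=\s*["']?(http:\/\/[^"'\s>]+)/i.exec(attrs);
    if (!url) continue;
    // <link> is a subresource load only when it pulls in a stylesheet.
    if (name === "link" && !/\brel\s*=\s*["']?stylesheet/i.test(attrs)) continue;
    if (ACTIVE_TAGS.has(name)) found.active.push(url[1]);
    else if (DISPLAY_TAGS.has(name)) found.display.push(url[1]);
    // Anything else (for example <a href>) is navigation, not mixed content.
  }
  return found;
}

// Map the findings to the icon, following the five cases proposed in this bug
// and the behaviour after the fix when the pref is false.
function identityIcon(found, { blockActivePref, userDisabledProtection = false }) {
  const hasActive = found.active.length > 0;
  const hasDisplay = found.display.length > 0;
  if (hasActive && blockActivePref) {
    if (userDisabledProtection) return "warning";            // Cases 3 and 4
    return hasDisplay ? "globe + shield" : "lock + shield";  // Cases 2 and 1
  }
  // Pref off: active content loads, but the icon stays a globe after the fix.
  if (hasActive || hasDisplay) return "globe";               // Case 5, or pref off
  return "lock";                                             // assumed: no mixed content
}

// Constructed sample pages (not the blog posts from the bug report).
const SAMPLE_ACTIVE = `<html><head>
<link rel="stylesheet" href="https://example.test/site.css">
<script src="http://cdn.example.test/player.js"></script></head>
<body><img src="http://img.example.test/banner.png">
<a href="http://example.test/other">link</a></body></html>`;
const SAMPLE_DISPLAY_ONLY =
  `<body><img data-src="http://x.example.test/a.png" src="http://img.example.test/photo.jpg"></body>`;

console.log(identityIcon(findMixedContent(SAMPLE_ACTIVE), { blockActivePref: false }));
console.log(identityIcon(findMixedContent(SAMPLE_DISPLAY_ONLY), { blockActivePref: true }));
```
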
Thanks for the prompt explanations, Tanvi.

Setting to verified then. Windows, Mac and Ubuntu with Aurora and Nightly.

Mozilla/5.0 (Windows NT 6.2; rv:22.0) Gecko/20130220 Firefox/22.0
Status: RESOLVED → VERIFIED