Closed
Bug 840395
Opened 12 years ago
Closed 2 years ago
confusing control center messages for http page with https iframe with mixed content
Categories
(Firefox :: Security, defect)
Firefox
Security
Tracking
()
RESOLVED
INCOMPLETE
People
(Reporter: mayhemer, Unassigned)
References
(Blocks 1 open bug, )
Details
Comment 1•12 years ago
|
||
Example url: http://people.mozilla.com/~tvyas/mixediframe2.html There is an http page with an https iframe.
Comment 2•11 years ago
|
||
Can you remind me what the issue is here? If you have an HTTP page with an HTTPS iframe, then Mixed Content will be blocked on the HTTPS iframe in FF 23+. See "Frame Descendants Rule" here: http://blogs.msdn.com/b/ie/archive/2011/06/23/internet-explorer-9-security-part-4-protecting-consumers-from-malicious-mixed-content.aspx And here is a nice diagram: http://ie.microsoft.com/testdrive/ieblog/2011/Jun/23_InternetExplorer9SecurityPart4ProtectingConsumersfromMaliciousMixedContent_5.png
Comment 3•8 years ago
|
||
I think the icon has changed, but the issue is that if you open the control center, there's the text "connection is not secure" (because it's http) as well as the text "<product> has blocked parts of this page that are not secure" (due to the https iframe with mixed content), which is a little confusing.
Component: Security: UI → Security
Product: Core → Firefox
Summary: Exclamation mark "This site doesn't provide any identity info" on http: page → confusing control center messages for http page with https iframe with mixed content
Comment 4•3 years ago
|
||
Hi Honza!
I'm trying to reproduce old bugs to see if we can resolve some.
Unfortunately, links suggested for testing, one on the Description and the other on comment 1, are not working anymore.
Due to Firefox having change a lot, maybe this problem doesn't happen anymore. I'm wondering if you can share it again.
Thanks!
Flags: needinfo?(honzab.moz)
Comment 5•2 years ago
|
||
Redirect a needinfo that is pending on an inactive user to the triage owner.
:serg, since the bug has high severity, could you have a look please?
For more information, please visit auto_nag documentation.
Flags: needinfo?(honzab.moz) → needinfo?(sgalich)
Comment 6•2 years ago
|
||
None of the links provided work anymore and the problem description is incomplete. Please reopen when more details are available.
Status: NEW → RESOLVED
Closed: 2 years ago
Flags: needinfo?(sgalich)
Resolution: --- → INCOMPLETE
You need to log in
before you can comment on or make changes to this bug.
Description
•