Open Bug 860617 Opened 11 years ago Updated 8 years ago

Provide User Option for Popup in Place of Banner When Leaving Secure Web Page

Categories

(SeaMonkey :: Security, enhancement)

Product:
SeaMonkey
Component:
Security
Platform:
All
Windows XP
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
REOPENED

People

(Reporter: david, Unassigned)

Details

Attachments

(1 file)

leaving_secure_Web_page.jpg
103.60 KB, image/jpeg
Details 
Mozilla/5.0 (Windows NT 5.1; rv:20.0) Gecko/20100101 SeaMonkey/2.17

I have my preferences for [Privacy & Security > SSL] set to warn me when "Leaving a Web page that supports encryption" and when "Viewing a page with an encrypted/unencrypted mix".  As a result of implementing bug #799009, I no longer get a popup with the desired warning.  Instead, there is a banner across the entire top of the viewport.  

I find the banner quite annoying.  Worse, the implementation of bug #799009 reduces the user's security since browsing can continue without the user acknowledging the banner.  The old capability (with the popup) provided better security since the user had to acknowledge the popup before continuing to browse.
Note that the popup was NOT intended to be informational.  It was intended for safety.  Thus, if a popup is now not possible, the banner should block further browsing in order to provide that same level of safety.  

By "block further browsing", I mean that the selected page that triggers the banner should not render until the banner is acknowledged.
A pretty good idea to re-instate the security.
There is also a problem with respect to SeaMonkey.  The X to dismiss the banner is directly below the X to close the current tab.  I have found it far too easy to select the wrong X, to close the current tab when I only wanted to dismiss the banner.
I'm not aware of any such banner. In any case, the "you are leaving a secure page" dialog functionality will not be coming back.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
Please explain "In any case, the 'you are leaving a secure page' dialog functionality will not be coming back."  The attached JPEG file shows the banner as generated today by SeaMonkey/2.40, the latest version.  This banner occupies viewport "real estate", which is annoying.  It also does not prevent me from going on to viewing other Web pages, which the popup dialogue did prevent.  Thus, as I indicated earlier, this might be considered a security vulnerability.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
Doesn't look like this is part of Firefox (nor is it part of PSM): https://dxr.mozilla.org/comm-central/search?q=EnterInsecureMessage
Component: Security: UI → Security
Product: Core → MailNews Core
Since I see this while browsing Web pages, how is this a bug in MailNews Core?
Product: MailNews Core → SeaMonkey
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: