Issue 2004: Lock icon should be shown when a bad HTTPS resource is blocked
in a secure HTTPS page
http://code.google.com/p/chromium/issues/detail?id=2004
New issue report by [EMAIL PROTECTED]:
Today when bad HTTPS content is blocked from a secure HTTPS page, the
security style is UNAUTHENTICATED (no lock is shown in the location bar).
The behavior is inconsistent: this happens only for bad frames (status is
AUTHENTICATED for other blocked resources such as images)
We should make the behavior consistent: if a resource has been blocked the
page is still considered secure (AUTHENTICATED, lock icon shown).
The SSLUITest.TestUnsafeContents should be changed as well as it test that
the page is unauthenticated.
More info on why this happens only with bad frames:
When a bad frame is loaded, its content is replaced with some warning text
and the response does not contain a cert id.
So it triggers the setting of the UNAUTHENTICATED style in
SSLManager::DidCommitProvisionalLoad() for lack of a cert.
Issue attributes:
Status: Untriaged
Owner: [EMAIL PROTECTED]
Labels: Type-Bug Pri-2 OS-All Area-Unknown
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Chromium-bugs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/chromium-bugs?hl=en
-~----------~----~----~----~------~----~------~--~---
