Comment #10 on issue 2541 by sketchee: Opening a site using "--app" does not allow you to see if the site uses SSL correctly http://code.google.com/p/chromium/issues/detail?id=2541
If a malicious application is to take over either the shortcut or the original website, the SSL indicator is needed. This is the whole point of the SSL system. Of course if a person types in a url, it's also a trusted website but the SSL indicator is still needed. I'm not sure you understand the security implications of not making this obvious for users. It would be trivial to create a malicious shortcut or attached one to an e-mail. Popups also can take advantage of the app form and get past this. Hope this helps explain the seriousness of this issue. -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
