Bug 65673 - No warning on mixture of secure and insecure content
Summary: No warning on mixture of secure and insecure content
Status: RESOLVED UNMAINTAINED
Alias: None
Product: konqueror
Classification: Applications
Component: khtml (show other bugs)
Version: 3.1.1
Platform: Compiled Sources Linux
: NOR major
Target Milestone: ---
Assignee: Unknown
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-10-07 22:18 UTC by Richard Moore
Modified: 2012-06-18 14:11 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Richard Moore 2003-10-07 22:18:43 UTC
Version:            (using KDE Devel)
Installed from:    Compiled sources
Compiler:          g++ 3.3 (suse) 
OS:          Linux

There's no warning when view dot.kde.org on https despite the mixture of http and https content. This is with openssl-0.9.6i-10 on suse 8.2.
Comment 1 Thiago Macieira 2003-10-08 01:34:29 UTC
Reassigning to Konqueror, since it's the one that requests those references to 
be loaded. 
Comment 2 George Staikos 2003-10-09 18:16:37 UTC
AFAIK the only things in here that aren't encrypted are images.  I think this matches 
other browsers' behaviour.  Any reason we should change? 
Comment 3 Richard Moore 2003-10-10 23:40:36 UTC
Subject: Re:  No warning on mixture of secure and insecure content

On Thursday 09 October 2003 16:16, you wrote:
> ------- You are receiving this mail because: -------
> ------- Additional Comments From staikos@kde.org  2003-10-09 18:16 -------
> AFAIK the only things in here that aren't encrypted are images.  I think
> this matches other browsers' behaviour.  Any reason we should change?

It doesn't match IE. It also allows cookies that were created using the secure 
link to be transfered over an insecure one. I would also be worried that the 
same behaviour might apply to other embedded content which could use things 
like liveconnect to manipulate the (previously secure) page.

Rich.

Comment 4 George Staikos 2005-02-28 18:43:57 UTC
Ok, so basically the other browsers -used- to work the way we -presently- do, whereas we -used- to work the way other browsers -presently- do.  Argh.  The cookie issue seems valid, although it's kind of a site bug if it does that.  Should we change to emulate IE's behaviour?
Comment 5 George Staikos 2005-03-03 06:25:19 UTC
Note: firefox behaves as we do.
Comment 6 Myriam Schweingruber 2012-06-18 14:11:49 UTC
Message from the Bugsquad and Konqueror teams:
This bug is closed as outdated, as we do not have the manpower to maintain the KDE3 version anymore.
If you still can reproduce this issue with Konqueror 4.8.4 or later, please open a new report.
Thank you for your understanding.