New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 605306 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Apr 2016
Cc:
lgar...@chromium.org
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug



Sign in to add a comment

The source page of "mixed.badssl.com" it shows the page is secure

Reported by chromium...@gmail.com, Apr 20 2016 
VERSION
Chrome Version: 52.0.2713.0 canary
Operating System: Windows 7

Go to the source page of mixed.badssl.com "view-source:mixed.badssl.com" and you will see the lock icon is green means the page is secure. I expected the page will not display the green lock icon.
result.png
60.7 KB View Download

Comment 1 by vakh@chromium.org, Apr 20 2016

Cc: lgar...@chromium.org
Components: UI>Browser>SafeBrowsing
Labels: -Type-Bug-Security Pri-2 Type-Bug
lgarron@ - Do you want to own this or know who's the appropriate owner for this is? I can reproduce this on ChromeOS 50.0.2661.79.

Also, this doesn't seem like a Type-Bug-Security since it isn't a security vulnerability so changing to Type-Bug.

Comment 2 by lgar...@chromium.org, Apr 20 2016

Components: -UI>Browser>SafeBrowsing Security>UX
Labels: -Restrict-View-SecurityTeam
Status: WontFix (was: Unconfirmed)
So, I don't think there's anything to do here.

view-source: opens in a new tab and only loads the main resource for the page. There is no mixed content on that particular tab, and there is no way to know if the page would have mixed content, except to load it.

Unless  Issue 89494  is implemented, view-source: is a completely separate tab from any other tabs on the same origin.

Comment 3 by chromium...@gmail.com, Apr 20 2016 

Hmm. You right, thanks Lucas!

Comment 4 by lafo...@chromium.org, Dec 9 2016

Components: -Security>UX
Labels: Team-Security-UX
Security>UX component is deprecated in favor of the Team-Security-UX label

Sign in to add a comment