Issue 672667 link

Starred by 5 users

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Nov 2017
Components:	Security UI>Browser>Passwords
EstimatedDays:	----
NextAction:	----
OS:	All
Pri:	2
Type:	Task
Hotlist-Polish M-57 Hotlist-HttpBad Team-Security-UX Hotlist-HttpBadFormNotSecure Hotlist-EnamelAndFriendsFixIt

Blocking:
issue 770046

Show other hotlists

Hotlists containing this issue:
EnamelAndFriendsFixIt

Enhance FormNotSecure UX when on broken HTTPS

Project Member Reported by est...@chromium.org, Dec 9 2016

Issue description

When a broken-https page loads a password form and there is login data stored, the autofill dropdown should have a second row below the "Login not secure" warning that says "Login autofilling disabled".

Comment 1 by rouslan@chromium.org, Dec 9 2016

Components: -UI>Browser>Autofill UI>Browser>Passwords

Comment 2 by est...@chromium.org, Dec 10 2016

Labels: Hotlist-HttpBadFormNotSecure

Comment 3 by vabr@chromium.org, Dec 13 2016

Components: Security
Labels: Hotlist-Polish

Comment 4 by est...@chromium.org, Dec 15 2016

Labels: tracking_work

Comment 5 by elawrence@chromium.org, Jan 26 2017

Summary: Enhance FormNotSecure UX when on broken HTTPS (was: Show "Login autofilling disabled" message in autofill dropdown when on broken https)

When on broken HTTPS (after clickthrough a certificate error):

1. If the user has credentials stored for the site, show both "[Login not secure] and [Login autofilling disabled]" rows in the autofill dropdown.
2. If the user does not have credentials stored for the site, show a "[Login not secure]" row in the autofill dropdown.

These two autofill messages are added in different places. The "No accounts stored" codepath only looks to see if IsOriginSecure(url) without examining the security state of the context.

Comment 6 by vabr@chromium.org, May 2 2017

Labels: -tracking_work Type-Task

Comment 7 by kolos@chromium.org, Sep 29 2017

Blocking: 770046

Comment 8 by est...@chromium.org, Nov 10 2017

Labels: Hotlist-EnamelAndFriendsFixIt

Comment 9 by est...@chromium.org, Nov 11 2017

Status: WontFix (was: Available)

Feature isn't launching

►

Issue 672667 link

Issue metadata

Enhance FormNotSecure UX when on broken HTTPS

Issue description

Comment 1 by rouslan@chromium.org, Dec 9 2016

Comment 1 Deleted

Comment 2 by est...@chromium.org, Dec 10 2016

Comment 2 Deleted

Comment 3 by vabr@chromium.org, Dec 13 2016

Comment 3 Deleted

Comment 4 by est...@chromium.org, Dec 15 2016

Comment 4 Deleted

Comment 5 by elawrence@chromium.org, Jan 26 2017

Comment 5 Deleted

Comment 6 by vabr@chromium.org, May 2 2017

Comment 6 Deleted

Comment 7 by kolos@chromium.org, Sep 29 2017

Comment 7 Deleted

Comment 8 by est...@chromium.org, Nov 10 2017

Comment 8 Deleted

Comment 9 by est...@chromium.org, Nov 11 2017

Comment 9 Deleted

Sign in to add a comment