"Not secure" doesn't show up on http://http.badssl.com/input/password/
Reported by
ar...@maven.pl,
Jan 26 2017
|
|||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36 Steps to reproduce the problem: 1. open google chrome 56, Linux version 2. go to url http://http.badssl.com/input/password/ 3. see that "Not secure" is missing What is the expected behavior? There should be "Not secure" text before URL. What went wrong? No "Not secure" text. Did this work before? N/A Chrome version: 56.0.2924.76 Channel: stable OS Version: PLD/Th Flash Version: Shockwave Flash 24.0 r0 Note that the same google chrome 56 version shows "Not secure" just fine under WINDOWS. Linux version is broken. Also tested with fresh/empty profile (google-chrome --user-data-dir=$(pwd)/empty) - the problem is visible in such case, too.
,
Jan 26 2017
The "Not Secure" warning is currently rolled out to 50% of beta and 99% of stable. So it's possible that you just don't have it enabled yet. Could you please check whether the value 684d1cdf-51126808 appears in the Variations list in chrome://version?
,
Jan 26 2017
Ok, thanks. It looks like the variations server has not assigned you to the experiment that enables the "Not Secure" warning. Your chrome://version screenshot says "unknown" which might mean you're not an on official release channel and not getting updated configurations for server-enabled features like this one. You can always force-enable the "Not Secure" feature in chrome://flags (#mark-non-secure-as).
,
Jan 26 2017
I was using my own shell wrapper which didn't set shell variables that official wrapper uses. Fixing that indeed fixed the issue. Thanks! |
|||
►
Sign in to add a comment |
|||
Comment 1 by davidben@chromium.org
, Jan 26 2017Labels: Team-Security-UX
Status: Untriaged (was: Unconfirmed)