Issue metadata
Sign in to add a comment
|
Chrome doesn't detect onBlur events after displaying a privacy error page when entering a website with certificate error
Reported by
tomerbr...@gmail.com,
Jul 5 2017
|
||||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36 Example URL: https://tomertest.byethost7.com/onblur.html Steps to reproduce the problem: 1. Enter a https website that causes Chrome to display a Privacy Error warning page (i.e about certificate errors such as ERR_CERT_COMMON_NAME_INVALID). 2. Choose to proceed in order to enter the website (either by the choosing the "Proceed to..." link, or by typing "badidea"). What is the expected behavior? Chrome should proceed with request the website from the server, display it properly after receiving it and detect events such as onBlur events, as it does in http. What went wrong? Chrome does proceed with request the website from the server and displaying it properly after receiving it, but it won't detect events such as onBlur (and possibly also onFocus) until the client loses focus from the browser itself (i.e. click somewhere else in the desktop). Then, when the client returns to be in focus in the browser, Chrome will start detect the onBlur events, as it should. As the browser doesn't detect such events, JS files that listen to onBlur events in the websites won't work either. Does it occur on multiple sites: Yes Is it a problem with a plugin? No Did this work before? Yes 57.0.2987.133 (64-bit) Does this work in other browsers? Yes Chrome version: 59.0.3071.115 Channel: stable OS Version: 10.0 Flash Version: After proceeding from the privacy error page (when not in incognito mode), Chrome will disable displaying the privacy error page for further entries, and this bug won't reproduce. In order to reproduce it, client needs to re-enable warnings, by clicking the "Not secure" label in the URL bar and choosing "Re-enable warnings". Then the bug will reproduce in the next enter to the site.
,
Jul 5 2017
I'm not 100% clear on what's going on. Could you give an example with specific steps so that it's easy to have visual confirmation of the wrong behaviour? (I'm holding off on adding the interstitial component, because it may be a bug purely to do with security state.)
,
Jul 6 2017
Hi Igar, 1. Enter the example URL. 2. You'll get a Privacy Error warning page. choose to proceed. 3. When you enter the URL, you'll see two input fields, "Name" and "Password". The "Name" field has a onBlur event set, to display an alert with the word "OK" when the user loses focus from this field (means, after the user types the username click somewhere else inside the site, such as in the password field, the alert should pop up). 4. However, you can see two things indicates there's a bug: a. There is no text cursor appearing inside a textbox field when focusing in a textbox field (means, when you click a text box to type input into it, you won't see any text cursor). b. No alert will pop up when losing focus from the "Name" text field. 5. When the user will lose focus from the browser itself (means, he'll click somewhere else outside of it, for example), Chrome will start detect the onBlur events as it needs to, and now a text cursor will appear inside text box fields. Also, when the user will open a new session with the website, Chrome will not display the "Privacy Error" page (as it disables it after the user chooses to proceed) and the bug won't appear again, until the user will choose to re-enable the privacy error page again (can be done only when not in incognito mode). If you still can't get visual confirmation of the wrong behavior i can record it for you as it is simple to me to reproduce.
,
Jul 6 2017
We need some Component on the bug, so going with the current best guess. Definitely feel free to change the Component once the underlying cause is determined.
,
Jul 6 2017
The same problem happens with input focus after HTTP authentication. You can cancel the authentication for http://browserspy.dk/password-ok.php and the search input on the top right does not show focus until you move the focus from the page and back. I tested older Windows builds and I think the issue started between commit position 463464 and 463480.
,
Jul 12 2017
Merge with 739676?
,
Jul 12 2017
739676 is a duplicate of this issue and should be merged. This issue is about both onFocus and onBlur events after HTTP authentication.
,
Jul 26 2017
,
Jul 31 2017
The test site https://tomertest.byethost7.com/onblur.html in the bug report doesn't connect for me; is there a test page anywhere that I can play with?
,
Aug 15 2017
|
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by davidben@chromium.org
, Jul 5 2017