Shield Button is enabled while executing HTTP over HTTPS
Reported by
ramkumar...@gmail.com,
Jul 26 2017
|
|||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36 Steps to reproduce the problem: This issue occurs on Anthem version of Salesforce. In salesforce (https://ind--isgfull.cs64.my.salesforce.com/) we have deployed custom console application (http://localhost:4040) to communicate with desktop application. When user login into Salesforce, custom console application get executed and try to communicate to desktop application through local port 4040 What is the expected behavior? Disable Shield button and load unsafe script What went wrong? In previous version of Chrome (version 51.0.2704.103) we disabled shield button using external command (--unsafely-treat-insecure-origin-as-secure=http://localhost:4040 --test-type --user-data-dir=) but in new version of Chrome (version 59.0.3071.115)not supporting external command. So agent have to manually disable it. Can you fix chrome version to support external command Did this work before? Yes 51.0.2704.103 Chrome version: 59.0.3071.115 Channel: n/a OS Version: 6.1 (Windows 7, Windows Server 2008 R2) Flash Version: Shockwave Flash 26.0 r0 We need to disable Shield button automatically through external command
,
Jul 27 2017
estark: Any thoughts?
,
Jul 28 2017
As chrome-hyd team do not salesforce setup, could someone from MTV please look into this issue. Adding 'TE-NeedsTriageFromMTV' label for further investigation. Thanks.
,
Jul 28 2017
I can't reproduce this issue; --unsafely-treat-insecure-origin-as-secure still seems to work. On 59.0.3071.115, if I run Chrome with --unsafely-treat-insecure-origin-as-secure=http://mixed-script.badssl.com, I can visit https://mixed-script.badssl.com and the script loads and runs without a shield as expected. To the reporter, can you please provide more detailed instructions for reproducing the problem, ideally with a standalone test website that I can try as well? Thanks!
,
Jul 28 2017
Let me try this and let you know on Monday
,
Jul 28 2017
Thank you for providing more feedback. Adding requester "estark@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jul 28 2017
,
Oct 5 2017
no feedback & cannot reproduce, so closing. Please reopen if this is still an issue with the additional feedback |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by ranjitkan@chromium.org
, Jul 27 2017