New issue
Advanced search Search tips

Issue 810388 link

Starred by 2 users
Status: WontFix
Owner: ----
Closed: Feb 2018
Cc:
tkent@chromium.org
awhalley@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 2
Type: Bug
Team-Security-UX



Sign in to add a comment

Not Secure message not shown when input does not receive event directly

Reported by luca.mat...@accurat.it, Feb 8 2018 
UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36

Steps to reproduce the problem:
1. create an input on a non https website
2. listen to keypress, adding to value and stop propagation

What is the expected behavior?
when writing in a text input on a non https page, NOT SECURE should be displayed

What went wrong?
if the value is changed not directly but via js, the not secure is not shown

Did this work before? N/A 

Chrome version: 63.0.3239.132  Channel: stable
OS Version: OS X 10.12.6
Flash Version: 

I think that any input should directly show the not secure
index.html
680 bytes View Download

Comment 1 by e...@chromium.org, Feb 8 2018

Components: -Blink Blink>Input

Comment 2 by ajha@chromium.org, Feb 9 2018

Labels: Needs-Milestone

Comment 3 by dtapu...@chromium.org, Feb 9 2018

Components: -Blink>Input Blink>Forms

Comment 4 by tkent@chromium.org, Feb 13 2018

Cc: awhalley@chromium.org tkent@chromium.org
Components: -Blink>Forms
Maybe Blink>Forms is not appropriate component for "not secure" warning.
awhalley@, do you know what component is right?

Comment 5 by awhalley@google.com, Feb 13 2018

Components: UI>Browser>Omnibox>SecurityIndicators

Comment 6 by elawrence@chromium.org, Feb 26 2018

Labels: Hotlist-HttpBad
Status: WontFix (was: Unconfirmed)
Yes, there are known ways of working around "Not Secure" markings. Fortunately, *all* HTTP pages will soon be marked "Not Secure".

Sign in to add a comment