http://bugzilla.novell.com/show_bug.cgi?id=509423 Summary: https:build.opensuse.org called "unsafe" by firefox3 Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: BuildService AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: guido.draheim@gmx.de QAContact: adrian@novell.com Found By: --- User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 Firefox3 will show the safe icon (closed lock in the lower right corner) for the login page of https://build.opensuse.org/ICSLogin (the one with the green navigation bar). As soon as being logged in and pushed back to https://build.opensuse.org/ the icon shows a red bang and informs that part of this page are transported unencrypted. By the way, this is more obvious if you enable the hidden "blue certified identity" feature of Firefox3. (open Firefox - goto about:config (say yes on warning message) - search for "identity" - set browser.identity.ssl_domain_display = 1). If enabled one will never overlook the red bang on the ssl connection info ;-) Reproducible: Always Steps to Reproduce: 1. Open Firefox3 2. Goto https://build.opensuse.org/ 3. Login Actual Results: Have a look at the SSL info "lock icon" in the lower right and watch for the red bang. (if the blue identity.ssl_domain_display is enabled then see the blue ribbon of security get lost in the URL edit box) Expected Results: Have a simple "lock icon" with "opensuse.org" to its left (if the blue identity.ssl_domain_display is enabled then "opensuse.org" is shown with a blue background left of the URL adress edit box near the top of the firefox window) Probably just some images? I just wonder because other Novell/Suse sites do it all right. I guess that the real ajax requests are transported via https just fine - but Firefox does not have an indicator about that. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.