[prev in list] [next in list] [prev in thread] [next in thread]
List: konq-bugs
Subject: [Bug 307221] New: konqueror does not report cleartext content in https pages
From: Adrien <adrien.grellier () laposte ! net>
Date: 2012-09-22 17:24:42
Message-ID: bug-307221-5021 () http ! bugs ! kde ! org/
[Download RAW message or body]
https://bugs.kde.org/show_bug.cgi?id=307221
Bug ID: 307221
Severity: normal
Version: 4.8.4
Priority: NOR
Assignee: konq-bugs@kde.org
Summary: konqueror does not report cleartext content in https
pages
Classification: Unclassified
OS: Linux
Reporter: adrien.grellier@laposte.net
Hardware: Debian testing
Status: UNCONFIRMED
Component: general
Product: konqueror
Most web browsers show a lock and/or change the address bar to
indicate that an https site has been connected to via TLS. konqueror
shows (afaict) a green shield with a check-mark. Fair enough.
But other browsers also indicate a "broken lock" or something similar
when an https page sources plain http content (e.g. in an img,
stylesheet, or script). This is to indicate to the user (who can't
tell which pieces of content are served over encrypted channels and
which ones are exposed in transit) that the rendered page is not
entirely confidential communication.
Konqueror does not display this state to the user, so konqueror users
are vulnerable to data being sent in the clear without their
knowledge.
This bug was reported on the Debian bug tracker system:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580420
Reproducible: Always
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
Konq-bugs mailing list
Konq-bugs@kde.org
https://mail.kde.org/mailman/listinfo/konq-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic