Moving this to dev-security.
Also looks like Safari (which isn't included in my linked table)
released Safari 6 last week. This is what EV and SSL certs look like on
Safari 6: http://cl.ly/image/1b1s0w1E2F2O. Not sure if they handle the
mixed content case.
On 7/23/12 5:53 PM, Tanvi Vyas wrote:
Hey,
I went through and observed the Mixed Content behavior or IE (since I
hadn't before) and have documented it here, along with Chrome's,
Firefox 14's, and Opera's behavior. Please see this link for a table
with the details:
https://www.evernote.com/shard/s200/sh/d057ce69-bf51-483a-9b13-8186a8f5fcef/f0bb8712965da0c8b21578146c6c0ff8
Looking through this, I am glad that we are uniform with Opera and
Chrome on the globe and the lock icons. I'd also like to unify the
Mixed Content Icons across browsers. Looks like IE and Opera haven't
figured out how to solve that problem yet either.
For our Mixed Content Blocker, we could include our "fix this/insecure
content" message at the bottom of the page (like IE does). When
clicked, we could make an animation that takes the users eyes to the
https and lock icon. We could cross out the https and change the
icon. Instead of the animation, we could always just draw attention
to the icon and the crossed out https by flashing it or making it
bigger for a couple seconds.
Has anyone come up with any other ideas of what the UI for Mixed
Content Blocking could look like? Brandon has finished his patch and
just needs to add some tests. If we can figure out the right UI, we
could land this in FF17.
Thanks!
~Tanvi
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
