[tor-bugs] #32645 [Applications/Tor Browser]: Update URL bar onion indicators
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Dec 4 15:54:44 UTC 2019
#32645: Update URL bar onion indicators
--------------------------------------+--------------------------------
Reporter: antonela | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ux-team | Actual Points:
Parent ID: #30025 | Points:
Reviewer: | Sponsor: Sponsor27-must
--------------------------------------+--------------------------------
Comment (by Thorin):
Replying to [comment:4 pospeselr]:
> For mixed content Firefox uses the HTTPS lock icon with a red slash
through it, while chromium based browsers don't have an icon but instead
red 'Not Secure' text in the address bar.
I'm not seeing that. The grey padlock with a red slash is for insecure
(1st party) pages - e.g http://example.com
Mixed content: Firefox only blocks insecure active content, not passive
(by default)
- `security.mixed_content.block_active_content` = true
- `security.mixed_content.block_display_content` = false
For example, using https://www.bennish.net/mixed-content.html - FF default
(insecure active mixed content) displays a grey padlock with a yellow
warning (triangle) overlay
If passive content is also blocked, then
- FF70+ just a grey padlock is displayed, also the info icon is gone,
merged into the padlock
- ESR68, FF69 - a green padlock
Note: the blocking of subresources has a bug, and the padlock could be
misleading: but we're only discussing the UX, so it's immaterial
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32645#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list