ubuntu-webapps-bugs team mailing list archive
-
ubuntu-webapps-bugs team
-
Mailing list archive
-
Message #01376
[Bug 1368117] [NEW] WebView.blockedContent indicates the wrong state in some circumstances
Public bug reported:
Whilst writing the test for this, I noticed that if you do the
following:
- set WebPreferences.canDisplayInsecureContent to false
- load a page over SSL that contains an insecure script and an insecure image (at this point, the ContentTypeMixedDisplay and ContentTypeMixedScript bits of WebView.blockedContent are set, correctly)
- call WebView.setCanTemporarilyDisplayInsecureContent(true) (which causes the page to reload).
At this point, WebView.blockedContent should still have the
ContentTypeMixedScript bit set, but it is now clear
** Affects: oxide
Importance: Medium
Assignee: Chris Coulson (chrisccoulson)
Status: Triaged
** Affects: oxide/1.2
Importance: Medium
Assignee: Chris Coulson (chrisccoulson)
Status: Triaged
** Changed in: oxide
Importance: Undecided => Medium
** Changed in: oxide
Status: New => Triaged
** Changed in: oxide
Milestone: None => branch-1.3
** Changed in: oxide
Assignee: (unassigned) => Chris Coulson (chrisccoulson)
** Also affects: oxide/1.2
Importance: Undecided
Status: New
** Changed in: oxide/1.2
Milestone: None => 1.2.1
** Changed in: oxide/1.2
Assignee: (unassigned) => Chris Coulson (chrisccoulson)
** Changed in: oxide/1.2
Importance: Undecided => Medium
** Changed in: oxide/1.2
Status: New => Triaged
** Description changed:
Whilst writing the test for this, I noticed that if you do the
following:
- set WebPreferences.canDisplayInsecureContent to false
- - load a page over SSL that contains an insecure script and insecure content (at this point, WebView.blockedContent is correct)
+ - load a page over SSL that contains an insecure script and an insecure image (at this point, the ContentTypeMixedDisplay and ContentTypeMixedScript bits of WebView.blockedContent are set, correctly)
- call WebView.setCanTemporarilyDisplayInsecureContent(true) (which causes the page to reload).
At this point, WebView.blockedContent should still have the
ContentTypeMixedScript bit set, but it is now clear
--
You received this bug notification because you are a member of Ubuntu
WebApps bug tracking, which is subscribed to Oxide.
https://bugs.launchpad.net/bugs/1368117
Title:
WebView.blockedContent indicates the wrong state in some circumstances
Status in Oxide Webview:
Triaged
Status in Oxide 1.2 series:
Triaged
Bug description:
Whilst writing the test for this, I noticed that if you do the
following:
- set WebPreferences.canDisplayInsecureContent to false
- load a page over SSL that contains an insecure script and an insecure image (at this point, the ContentTypeMixedDisplay and ContentTypeMixedScript bits of WebView.blockedContent are set, correctly)
- call WebView.setCanTemporarilyDisplayInsecureContent(true) (which causes the page to reload).
At this point, WebView.blockedContent should still have the
ContentTypeMixedScript bit set, but it is now clear
To manage notifications about this bug go to:
https://bugs.launchpad.net/oxide/+bug/1368117/+subscriptions
Follow ups
References