[Webkit-unassigned] [Bug 61946] FrameLoaderClient::didRunInsecureContent - no way to distinguish between blocked/run cases.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jun 3 12:09:20 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=61946





--- Comment #5 from Thomas Sepez <tsepez at chromium.org>  2011-06-03 12:09:20 PST ---
We're doing something stronger than just hiding the https lock icon.  We're going to break pages, by default, that try to include scripts on https pages from non-https sources.  And yes, there needs to be a way to disable it, along the lines of the "Toss a coin" scenario you indicated, at least in the short term until the top sites get their act together.

I'd like to do what you suggest along the lines of your CSS analogy, but the carnage will be too high.

The chatty addMessage() messages pre-dated this change.  I think they should go, too.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list