Canonical SSO provider

Login page can contain unencrypted elements

Bug #1325496 reported by Matthew Paul Thomas on 2014-06-02

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Canonical SSO provider	New	Undecided	Unassigned

Bug Description

1. In a private/incognito window, go to <https://wiki.canonical.com/>.
2. Click "Login" [sic].
3. Click the icon next to the URL.

What you see:
* In Firefox: "The connection to this website is not fully secure because it contains unencrypted elements (such as images)."
* In Chromium/Chome: "However, this page includes other resources which are not secure. These resources can be viewed by others while in transit and can be modified by an attacker to change the look of the page."

The culprit is the Canonical logo next to the words "Canonical Wiki".
<http://assets.ubuntu.com/sites/ubuntu/latest/u/img/icons/sso_icon_wiki-canonical.png>

The same problem occurs both on the sign-in page and the two-factor auth page.

See original description

Matthew Paul Thomas (mpt) on 2014-06-02

description:

updated

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.