Login page can contain unencrypted elements
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical SSO provider |
New
|
Undecided
|
Unassigned |
Bug Description
1. In a private/incognito window, go to <https:/
2. Click "Login" [sic].
3. Click the icon next to the URL.
What you see:
* In Firefox: "The connection to this website is not fully secure because it contains unencrypted elements (such as images)."
* In Chromium/Chome: "However, this page includes other resources which are not secure. These resources can be viewed by others while in transit and can be modified by an attacker to change the look of the page."
The culprit is the Canonical logo next to the words "Canonical Wiki".
<http://
The same problem occurs both on the sign-in page and the two-factor auth page.
description: | updated |