X
Tap here to go to the mobile version of the site.

Support Forum

HTTPS displays as non secure for RBC bank

Posted

I went to the web site "https://jobs.rbc.com/ca/en" and Firefox shows lock with a caution symbol icon, see enclosed. However when I open "web developer" then "network" to view what part is not secure none of the components are insecure even when I scroll through the list.

Why does Firefox 64 show the site as insecure?

I went to the web site "https://jobs.rbc.com/ca/en" and Firefox shows lock with a caution symbol icon, see enclosed. However when I open "web developer" then "network" to view what part is not secure none of the components are insecure even when I scroll through the list. Why does Firefox 64 show the site as insecure?
Attached screenshots

Modified by mace2

Quote

Additional System Details

Installed Plug-ins

All extensions where disabled. when I performed this test

Application

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:64.0) Gecko/20100101 Firefox/64.0

More Information

McCoy
  • Top 10 Contributor
266 solutions 2265 answers

Hello mace2,

Would you please take a look at this article :

https://support.mozilla.org/en-US/kb/mixed-content-blocking-firefox

When you scroll down some, you will see :

A grey lock with an orange triangle indicates that Firefox is not blocking insecure passive content, such as images. By default, Firefox does not block mixed passive content; you will simply see a warning that the page isn't fully secure. Attackers may be able to manipulate parts of the page, for example, by displaying misleading or inappropriate content, but they should not be able to steal your personal data from the site.

Hello mace2, Would you please take a look at this article : https://support.mozilla.org/en-US/kb/mixed-content-blocking-firefox When you scroll down some, you will see : ''A grey lock with an orange triangle indicates that Firefox is not blocking insecure passive content, such as images. By default, Firefox does not block mixed passive content; you will simply see a warning that the page isn't fully secure. Attackers may be able to manipulate parts of the page, for example, by displaying misleading or inappropriate content, but they should not be able to steal your personal data from the site. ''
Was this helpful to you? 0
Quote
cor-el
  • Top 10 Contributor
  • Moderator
16789 solutions 151720 answers

Helpful Reply

I see the shield icon indicating that Content Blocking is active. You can check the Web Console tab to see more detail about what content is blocked by CB and what content is loaded over an open HTTP connection causing the exclamation mark to appear.

I see the shield icon indicating that Content Blocking is active. You can check the Web Console tab to see more detail about what content is blocked by CB and what content is loaded over an open HTTP connection causing the exclamation mark to appear. *"3-bar" menu button or Tools -> Web Developer *https://developer.mozilla.org/en-US/Tools/Web_Console
Was this helpful to you? 1
Quote

Question owner

The web console shows the following info that the network view did not initial.

Loading mixed (insecure) display content “http://assets.phenompeople.com/CareerConnectResources/RBCAA0088/en_ca/desktop/assets/images/thumb/bup/I&TS.png” on a secure page[Learn More]

I am still not sure why the network view did not show the insecure value. It does now

The web console shows the following info that the network view did not initial. '''Loading mixed (insecure)''' display content “http://assets.phenompeople.com/CareerConnectResources/RBCAA0088/en_ca/desktop/assets/images/thumb/bup/I&TS.png” on a secure page[Learn More] I am still not sure why the network view did not show the insecure value. It does '''now'''
Was this helpful to you?
Quote

Question owner

Attached the now working view from "web developer" "network" showing non https components.

Attached the now working view from "web developer" "network" showing non https components.
Was this helpful to you?
Quote
WestEnd
  • Top 10 Contributor
58 solutions 3853 answers

I am using FF64.0.2 and click the link and clicked the login and got no warning about security.

I am using FF64.0.2 and click the link and clicked the login and got no warning about security.
Was this helpful to you? 0
Quote
cor-el
  • Top 10 Contributor
  • Moderator
16789 solutions 151720 answers

If you would hover such an image then you should see a preview. This is a problem with the website. Firefox merely warns you by showing an exclamation mark attached to the padlock. You can contact the website to inform them about this insecure mixed content on their pages.

If you would hover such an image then you should see a preview. This is a problem with the website. Firefox merely warns you by showing an exclamation mark attached to the padlock. You can contact the website to inform them about this insecure mixed content on their pages.
Was this helpful to you?
Quote
jscher2000
  • Top 10 Contributor
8025 solutions 65562 answers

I would not expect to see that on the bank's own secure pages, but these job listings might not be equally secure because they could contain "user generated content" on HTTP paths that the person submitting the listing never tested in a secure context (or didn't care!).

I would not expect to see that on the bank's own secure pages, but these job listings might not be equally secure because they could contain "user generated content" on HTTP paths that the person submitting the listing never tested in a secure context (or didn't care!).
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.