This bugs is to take the insecure password warning to Beta. It requires a couple line code change here: https://dxr.mozilla.org/mozilla-central/source/browser/app/profile/firefox.js?q=browser%2Fapp%2Fprofile%2Ffirefox.js&redirect_type=direct#1220

It sounds like the best we can do here is get the first half of the beta release with: #ifdef EARLY_BETA_OR_EARLIER

If we want this to make Firefox Beta 50, we will have to land this next week and get uplift approval to aurora. Alternatively, since this is just a pref change, we could go the hotfix route if the uplift doesn't get approved.

Comment on attachment 8790202 [details] Bug 1301772 - Turn on Insecure Password Warning in Firefox Beta. https://reviewboard.mozilla.org/r/78126/#review76606 ::: browser/app/profile/firefox.js:1223 (Diff revision 1) > > // Block insecure active content on https pages > pref("security.mixed_content.block_active_content", true); > > // Show degraded UI for http pages with password fields. > // Only for Nightly and Dev Edition for not, not for beta or release. Please update this comment to no longer say "not for beta".

Good point, thanks. It's probably a pointless comment, but I've updated it to reflect reality.

Pushed by pastithas@mozilla.com: https://hg.mozilla.org/integration/fx-team/rev/5d8afbdb3620 Turn on Insecure Password Warning in Firefox Beta. r=florian

Panos, can you request uplift to aurora? That way, the pref will be turned on for Firefox 50 Beta.

Sure, I'm just waiting for the patch to land on m-c.

Comment on attachment 8790202 [details] Bug 1301772 - Turn on Insecure Password Warning in Firefox Beta. Approval Request Comment [Feature/regressing bug #]: feature from bug 1179961 [User impact if declined]: product and engineering want to get more feedback from early beta users, so we want to let this feature ride another train when 50 is merged to beta [Describe test coverage new/current, TreeHerder]: there are automated tests for this in the tree [Risks and why]: no risk, just a pref flip [String/UUID change made/needed]: none

Comment on attachment 8790202 [details] Bug 1301772 - Turn on Insecure Password Warning in Firefox Beta. Makes sense, Aurora50+

I guess this can only be verified once 50 is merged to beta.

Updated the site compatibility doc: https://www.fxsitecompat.com/en-CA/docs/2015/non-https-sites-containing-login-form-will-be-marked-insecure/ Will tweet from @FxSiteCompat to get more attention from developers.

The lock with a strikethrough is displayed fine on the test pages: http://people.mozilla.org/~tvyas/password/password_insecure.html http://people.mozilla.org/~tvyas/password/frame_password.html Verified fixed FX 50b1, 51.0a2 (2016-09-21) Win 7.

Is this going to ride the train to release, or is that a separate bug? Gerv

(In reply to Gervase Markham [:gerv] from comment #16) > Is this going to ride the train to release, or is that a separate bug? It is going to be a separate bug.