Go to about:config and set: security.insecure_field_warning.contextual.enabled to true signon.autofillForms.http to true Go to an http page with a password field; example: http://mysqueezebox.com/user/login. Focus on the username or password field. You will see the insecure password warning message with a Learn More link. Try to click on the Learn More link. Nothing happens. The browser console does show a warning when the dropdown appears (before I try to keep Learn More). The warning is: Invalid chrome URI: / I am using Nightly 53.0a1 from 2016-11-16 on OSX. Learn More link works for MattN though; so I'm not sure if this is intermittent.

I can only reproduce this in Ubuntu Linux so far but Windows and MacOSX.

If Learn More link is clicked quick enough after pop-up showing, it works. This issue is easy to reproduce with these steps in MacOSX and Linux: 1. Trigger the login autocomplete drop-down. 2. Wait 2~3 seconds. 3. Click Learn More link, and there is nothing happened. The expected behavior in step 3 is to open the link in another tab. The link works in waiting for a short time in step 2. Timing issue probably.

Hmm, the STR can not always reproduce the issue as well.

A decision was made with Philipp Sackl and Stephen Horlander to remove the "Learn more" link. It's out of place in the context of a dropdown menu, and the link is available in Control Center if users are really puzzled.

(In reply to Ryan Feeley [:rfeeley] from comment #4) > A decision was made with Philipp Sackl and Stephen Horlander to remove the > "Learn more" link. It's out of place in the context of a dropdown menu, and > the link is available in Control Center if users are really puzzled. Yay! Do you want to open the SUMO article if the user selects (e.g. hits Enter on) the warning row?

(In reply to Matthew N. [:MattN] (PM me if requests are blocking you) from comment #5) > (In reply to Ryan Feeley [:rfeeley] from comment #4) > > A decision was made with Philipp Sackl and Stephen Horlander to remove the > > "Learn more" link. It's out of place in the context of a dropdown menu, and > > the link is available in Control Center if users are really puzzled. > > Yay! Do you want to open the SUMO article if the user selects (e.g. hits > Enter on) the warning row? I forgot I already filed bug 1319176 for that so I'll just remove Learn More here and needinfo you there..

> Yay! Do you want to open the SUMO article if the user selects (e.g. hits > Enter on) the warning row? No need, the row is not selectable, does not highlight and is essentially a header row.

(In reply to Ryan Feeley [:rfeeley] from comment #7) > > Yay! Do you want to open the SUMO article if the user selects (e.g. hits > > Enter on) the warning row? > > No need, the row is not selectable, does not highlight and is essentially a > header row. I clarified on IRC that it was implemented as selectable because of the Learn More behaviour and to be consistent with the footer that is coming. Ryan responded to that with bug 1319176 comment 3.

Comment on attachment 8813871 [details] Bug 1318537 - Remove Learn More link from the insecure login field autocomplete popup. https://reviewboard.mozilla.org/r/95188/#review95366 ::: toolkit/locales/en-US/chrome/passwordmgr/passwordmgr.properties (Diff revision 1) > noUsername=No username > duplicateLoginTitle=Login already exists > duplicateLogin=A duplicate login already exists. > > insecureFieldWarningDescription = This connection is not secure. Logins entered here could be compromised. > -insecureFieldWarningLearnMore = Learn More The patch for uplift will simply omit this change to avoid breaking string freeze.

Comment on attachment 8813871 [details] Bug 1318537 - Remove Learn More link from the insecure login field autocomplete popup. Looks good to me!

Pushed by mozilla@noorenberghe.ca: https://hg.mozilla.org/integration/mozilla-inbound/rev/c752386b6631 Remove Learn More link from the insecure login field autocomplete popup. r=seanlee

Matt, please request uplift to FF 52.

This blocks bug 1317882 from being uplifted. Please cancel needinfo there once the uplift request is submitted here.

Matt, please rebase the patch for aurora (and remove the removal of the Learn More string to avoid string freeze issues) and then request for uplift.

Comment on attachment 8818637 [details] [Aurora] Bug 1318537 - Remove Learn More link from the insecure login field autocomplete popup. Approval Request Comment [Feature/Bug causing the regression]: Bug 1304224 - Insecure field warning [User impact if declined]: Learn more link sometimes doesn't work and the interaction of a link inside autocomplete is unusual. [Is this code covered by automated tests?]: The code is but nothing checks the presence of the Learn More link [Has the fix been verified in Nightly?]: Not by QA but by other devs [Needs manual test from QE? If yes, steps to reproduce]: No [List of other uplifts needed for the feature/fix]: Bug 1289913 depends on this to avoid bitrot [Is the change risky?]: No [Why is the change risky/not risky?]: trivial deletion [String changes made/needed]: No, unused string will stay on 52 (deleted on 53)

Comment on attachment 8818637 [details] [Aurora] Bug 1318537 - Remove Learn More link from the insecure login field autocomplete popup. remove link from autocomplete popup, for aurora52

Tested with FF Nighlty 53.0a1(2017-01-15) and DevEdition 52.0a2(2017-01-15) on Mac OS X 10.10, Windows 7 and Ubuntu 16.04 and the "Learn More" link doesn't appear. Based on that I can confirm the fix.