fa-search icon should not be displayed while loading unsafe scripts #7191

luixxiul · 2017-02-11T07:49:05Z

Describe the issue you encountered: fa-search should not be displayed while loading unsafe scripts

Platform (Win7, 8, 10? macOS? Linux distro?): Windows 10 32 bit
Brave Version (revision SHA): 0.13.3 RC1
Steps to reproduce:
1. Open https://mixed-script.badssl.com
2. Click the lock icon
3. Select "Load Unsafe Scripts"
Actual result: The fa-search icon is displayed and soon it is replaced with the unlock icon
Expected result: There could be two results

the fa-lock icon should be replaced as soon as scripts are loaded and executed (before onload is fired)
the fa-lock icon should be replaced after all of the scripts are loaded and executed

In my humble opinion the 1st one is better because attacker could intentionaly slow down downloading the other resources . CC @diracdeltas

Otherwise we could simply replace the icon when the buttons are pushed.

bsclifton · 2017-02-12T09:01:36Z

Similar issue: #5490

srirambv · 2017-05-11T09:33:26Z

It no longer shows fa-search icon when load unsafe script is clicked. Could this be closed?

luixxiul · 2017-05-11T10:14:50Z

Yes the issue has been fixed already, closing.

luixxiul added feature/URLbar security suggestion labels Feb 11, 2017

luixxiul added this to the 0.13.4 milestone Feb 11, 2017

bbondy modified the milestones: 0.13.5, 0.13.6 Feb 15, 2017

luixxiul closed this as completed May 11, 2017

luixxiul added this to the Backlog milestone May 11, 2017

luixxiul removed this from the Backlog milestone Sep 18, 2017

Provide feedback