HTTPS mode in all windows only failure
When going to a site with FF, 90 which has partial secure information FF still allows access even though the site is not completely https. this should not be allowed HTTPS only should work if the site is completely compliant with HTTPS.
The example site is https://www.brampton.ca//en/online-services/pages/bramcams.aspx
If you click on one of the camera images with "https mode in all windows only" set, no image is displayed and the icon suggest HTTPS but the site is only partial https.
With "https mode in all windows" no configured you get the secure lock icon with the exclamation. see enclosed.
All Replies (6)
Note that clicking the padlock and selecting "HTTPS-Only Mode: Off temporarily" is sufficient to load the camera images (they are accessed via http://184.108.40.206:xxxx).
For me, HTTPS Only mode blocks insecure embedded images.
For confirmation, I have this old test page (third image is insecure and can't be upgraded to HTTPS): https://www.jeffersonscher.com/res/mixed-display.html
I see what you mean but I think FF should refuse to display the page if it is mixed https as the configuration setting is ""https-only mode in all windows"
The mixed content is blocked. You would prefer to see nothing at all than only the secure content?
Correct. Like Co-rel says I can override it if I wish.
Seems like a lot of extra work. Definitely would not want it to default to that behavior.