Hilfe durchsuchen

Vorsicht vor Support-Betrug: Wir fordern Sie niemals auf, eine Nummer anzurufen, sie per SMS zu kontaktieren oder persönliche Daten preiszugeben. Bitte melden Sie verdächtige Aktivitäten über die Funktion „Missbrauch melden“.

Learn More

Disable upgrading HTTP images to HTTPS site

  • 3 Antworten
  • 0 haben dieses Problem
  • 11 Aufrufe
  • Letzte Antwort von Terry

more options

Hi!

Is there any settings or about:config settings or addons that disable upgrading HTTP to HTTPS for images? I have HTTPS site which redirects from HTTP to HTTPS from server side so I cant visit it on HTTP mode. This HTTPS only site uses external images from HTTP only site that does not speak HTTPS.

Firefox writes in browser console: > Content Security Policy: Upgrading insecure request ‘http://site.com/someimage.jpg’ to use ‘https’

How do I disable this behavior? Any about:config settings or browser addons to get rid of this?

Hi! Is there any settings or about:config settings or addons that disable upgrading HTTP to HTTPS for images? I have HTTPS site which redirects from HTTP to HTTPS from server side so I cant visit it on HTTP mode. This HTTPS only site uses external images from HTTP only site that does not speak HTTPS. Firefox writes in browser console: > Content Security Policy: Upgrading insecure request ‘http://site.com/someimage.jpg’ to use ‘https’ How do I disable this behavior? Any about:config settings or browser addons to get rid of this?

Alle Antworten (3)

more options

Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?

Hilfreich?

more options

Sorry, can't post link here.

But important key takeaway is that this page has <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> in it's html source code and I either need some plugin to remove it from source code before Firefox starts to parse HTML or some hack to modify Firefox to ignore this.

It also had Upgrade-Insecure-Requests http header but that I was able to remove with Modify Header Value (HTTP Headers) addon so this meta tag is the only suspect left.

Geändert am von wybqogzigoxruxdhnp

Hilfreich?

more options

There is this preference in about:config which you can change to false. I don't know whether that is effective against such code on the website. browser.fixup.fallback-to-https

I see that I also have this preference (set to */*). image.http.accept

Geändert am von Terry

Hilfreich?

Stellen Sie eine Frage

Sie müssen sich mit Ihrem Benutzerkonto anmelden, um auf Beiträge zu antworten. Bitte stellen Sie eine neue Frage, wenn Sie noch kein Benutzerkonto haben.