When webpages contain mixed content, does (or can) Firefox block content from unsecure sources?
When secure webpages (those using SSL) contain content from non-SSL sources, Internet Explorer 8 and 9 ask if you want to view only the content that was delivered securely. I haven't been able to find a similar prompt in Firefox. I know of three possible explanations: 1. Firefox does not offer protection against mixed content. I hope this isn't the case! 2. Firefox has a setting I haven't found. 3. Firefox may offer the protection but in a different manner than Internet Explorer.
Ausgewählte Lösung
Firefox doesn't and can't block content coming via an insecure connection in that case, but you can get a warning.
The settings for the warning messages have been removed from the user interface (Bug 513166).
You need to change the related security.warn_* prefs directly on the about:config page.
Filter: security.warn_viewing_mixed
Alle Antworten (2)
Ausgewählte Lösung
Firefox doesn't and can't block content coming via an insecure connection in that case, but you can get a warning.
The settings for the warning messages have been removed from the user interface (Bug 513166).
You need to change the related security.warn_* prefs directly on the about:config page.
Filter: security.warn_viewing_mixed
Thanks, cor-el, for clarifying this. Do you know why Firefox doesn't try to block insecure content?