X
Tap here to go to the mobile version of the site.

Support Forum

The information you have entered on this page will be sent over an insecure connection and could be read by a third party.

Posted

when logging on to some sites I get a message" The information you have entered on this page will be sent over an insecure connection and could be read by a third party." Then I am unable to log on to the site. When searching on firefox help I get a host of answers but none relate to the problem. How do I force firefox to allow me to send the needed info?

when logging on to some sites I get a message" The information you have entered on this page will be sent over an insecure connection and could be read by a third party." Then I am unable to log on to the site. When searching on firefox help I get a host of answers but none relate to the problem. How do I force firefox to allow me to send the needed info?

Additional System Details

Installed Plug-ins

  • Shockwave Flash 32.0 r0

Application

  • Firefox 64.0
  • User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0
  • Support URL: https://support.mozilla.org/1/firefox/64.0/WINNT/en-US/

Extensions

  • Adobe Acrobat 18.0.9 (web2pdfextension.17@acrobat.adobe.com)
  • Popup blocker for FF: Poper Blocker 4.0.8.1 ({bee8b1f2-823a-424c-959c-f8f76c8b2306})
  • Avast Online Security 18.4.124 (wrc@avast.com) (Inactive)
  • Avast SafePrice | Comparison, deals, coupons 18.9.1290 (sp@avast.com) (Inactive)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: Intel(R) HD Graphics
  • adapterDescription2:
  • adapterDeviceID: 0x0046
  • adapterDeviceID2:
  • adapterDrivers: igdumd64 igd10umd64 igdumdx32 igd10umd32
  • adapterDrivers2:
  • adapterRAM: Unknown
  • adapterRAM2:
  • adapterSubsysID: 172a103c
  • adapterSubsysID2:
  • adapterVendorID: 0x8086
  • adapterVendorID2:
  • contentUsesTiling: False
  • crashGuards: []
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 10.0.17134.376
  • driverDate: 11-26-2012
  • driverDate2:
  • driverVersion: 8.15.10.2900
  • driverVersion2:
  • featureLog: {u'fallbacks': [], u'features': [{u'status': u'available', u'description': u'Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'HW_COMPOSITING'}, {u'status': u'available', u'description': u'Direct3D11 Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'D3D11_COMPOSITING'}, {u'status': u'available', u'description': u'Direct2D', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'DIRECT2D'}, {u'status': u'available', u'description': u'Direct3D11 hardware ANGLE', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'D3D11_HW_ANGLE'}, {u'status': u'available', u'description': u'GPU Process', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'GPU_PROCESS'}, {u'status': u'opt-in', u'description': u'WebRender', u'log': [{u'status': u'opt-in', u'message': u'WebRender is an opt-in feature', u'type': u'default'}], u'name': u'WEBRENDER'}, {u'status': u'blocked', u'description': u'WebRender qualified', u'log': [{u'status': u'available', u'type': u'default'}, {u'status': u'blocked', u'message': u'Not Nvidia', u'type': u'env'}], u'name': u'WEBRENDER_QUALIFIED'}, {u'status': u'available', u'description': u'Off Main Thread Painting', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'OMTP'}, {u'status': u'available', u'description': u'Advanced Layers', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'ADVANCED_LAYERS'}]}
  • info: {u'AzureContentBackend (UI Process)': u'skia', u'AzureCanvasBackend (UI Process)': u'skia', u'ApzWheelInput': 1, u'ApzDragInput': 1, u'ApzKeyboardInput': 1, u'AzureFallbackCanvasBackend (UI Process)': u'cairo', u'ApzAutoscrollInput': 1, u'AzureCanvasAccelerated': 0, u'AzureCanvasBackend': u'direct2d 1.1', u'AzureContentBackend': u'direct2d 1.1'}
  • isGPU2Active: False
  • numAcceleratedWindows: 2
  • numTotalWindows: 2
  • offMainThreadPaintEnabled: True
  • offMainThreadPaintWorkerCount: 3
  • usesTiling: False
  • webgl1DriverExtensions: GL_ANGLE_client_arrays GL_ANGLE_depth_texture GL_ANGLE_explicit_context GL_ANGLE_explicit_context_gles1 GL_ANGLE_framebuffer_blit GL_ANGLE_framebuffer_multisample GL_ANGLE_instanced_arrays GL_ANGLE_lossy_etc_decode GL_ANGLE_pack_reverse_row_order GL_ANGLE_program_cache_control GL_ANGLE_request_extension GL_ANGLE_robust_client_memory GL_ANGLE_texture_compression_dxt3 GL_ANGLE_texture_compression_dxt5 GL_ANGLE_texture_usage GL_ANGLE_translated_shader_source GL_CHROMIUM_bind_generates_resource GL_CHROMIUM_bind_uniform_location GL_CHROMIUM_color_buffer_float_rgb GL_CHROMIUM_color_buffer_float_rgba GL_CHROMIUM_copy_compressed_texture GL_CHROMIUM_copy_texture GL_CHROMIUM_sync_query GL_EXT_blend_minmax GL_EXT_color_buffer_half_float GL_EXT_debug_marker GL_EXT_discard_framebuffer GL_EXT_disjoint_timer_query GL_EXT_draw_buffers GL_EXT_frag_depth GL_EXT_map_buffer_range GL_EXT_occlusion_query_boolean GL_EXT_read_format_bgra GL_EXT_robustness GL_EXT_sRGB GL_EXT_shader_texture_lod GL_EXT_texture_compression_dxt1 GL_EXT_texture_compression_s3tc_srgb GL_EXT_texture_filter_anisotropic GL_EXT_texture_format_BGRA8888 GL_EXT_texture_rg GL_EXT_texture_storage GL_EXT_unpack_subimage GL_KHR_debug GL_KHR_parallel_shader_compile GL_KHR_robust_buffer_access_behavior GL_NV_EGL_stream_consumer_external GL_NV_fence GL_NV_pack_subimage GL_NV_pixel_buffer_object GL_OES_EGL_image GL_OES_EGL_image_external GL_OES_compressed_ETC1_RGB8_texture GL_OES_depth32 GL_OES_element_index_uint GL_OES_get_program_binary GL_OES_mapbuffer GL_OES_packed_depth_stencil GL_OES_rgb8_rgba8 GL_OES_standard_derivatives GL_OES_surfaceless_context GL_OES_texture_float GL_OES_texture_float_linear GL_OES_texture_half_float GL_OES_texture_half_float_linear GL_OES_texture_npot GL_OES_vertex_array_object OES_compressed_EAC_R11_signed_texture OES_compressed_EAC_R11_unsigned_texture OES_compressed_EAC_RG11_signed_texture OES_compressed_EAC_RG11_unsigned_texture OES_compressed_ETC2_RGB8_texture OES_compressed_ETC2_RGBA8_texture OES_compressed_ETC2_punchthroughA_RGBA8_texture OES_compressed_ETC2_punchthroughA_sRGB8_alpha_texture OES_compressed_ETC2_sRGB8_alpha8_texture OES_compressed_ETC2_sRGB8_texture
  • webgl1Extensions: ANGLE_instanced_arrays EXT_blend_minmax EXT_color_buffer_half_float EXT_frag_depth EXT_sRGB EXT_shader_texture_lod EXT_texture_filter_anisotropic EXT_disjoint_timer_query OES_element_index_uint OES_standard_derivatives OES_texture_float OES_texture_float_linear OES_texture_half_float OES_texture_half_float_linear OES_vertex_array_object WEBGL_color_buffer_float WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_depth_texture WEBGL_draw_buffers WEBGL_lose_context
  • webgl1Renderer: Google Inc. -- ANGLE (Intel(R) HD Graphics Direct3D11 vs_4_0 ps_4_0)
  • webgl1Version: OpenGL ES 2.0 (ANGLE 2.1.0.790e8e6b4179)
  • webgl1WSIInfo: EGL_VENDOR: Google Inc. (adapter LUID: 0000000000010d8a) EGL_VERSION: 1.4 (ANGLE 2.1.0.790e8e6b4179) EGL_EXTENSIONS: EGL_EXT_create_context_robustness EGL_ANGLE_d3d_share_handle_client_buffer EGL_ANGLE_d3d_texture_client_buffer EGL_ANGLE_surface_d3d_texture_2d_share_handle EGL_ANGLE_query_surface_pointer EGL_ANGLE_window_fixed_size EGL_ANGLE_keyed_mutex EGL_ANGLE_surface_orientation EGL_ANGLE_direct_composition EGL_NV_post_sub_buffer EGL_KHR_create_context EGL_EXT_device_query EGL_KHR_image EGL_KHR_image_base EGL_KHR_gl_texture_2D_image EGL_KHR_gl_texture_cubemap_image EGL_KHR_gl_renderbuffer_image EGL_KHR_get_all_proc_addresses EGL_KHR_stream EGL_KHR_stream_consumer_gltexture EGL_NV_stream_consumer_gltexture_yuv EGL_ANGLE_flexible_surface_compatibility EGL_ANGLE_stream_producer_d3d_texture EGL_ANGLE_create_context_webgl_compatibility EGL_CHROMIUM_create_context_bind_generates_resource EGL_CHROMIUM_sync_control EGL_EXT_pixel_format_float EGL_KHR_surfaceless_context EGL_ANGLE_display_texture_share_group EGL_ANGLE_create_context_client_arrays EGL_ANGLE_program_cache_control EGL_ANGLE_robust_resource_initialization EGL_ANGLE_create_context_extensions_enabled EGL_MOZ_create_context_provoking_vertex_dont_care EGL_EXTENSIONS(nullptr): EGL_EXT_client_extensions EGL_EXT_platform_base EGL_EXT_platform_device EGL_ANGLE_platform_angle EGL_ANGLE_platform_angle_d3d EGL_ANGLE_device_creation EGL_ANGLE_device_creation_d3d11 EGL_ANGLE_experimental_present_path EGL_KHR_client_get_all_proc_addresses EGL_KHR_debug EGL_ANGLE_explicit_context
  • webgl2DriverExtensions: -
  • webgl2Extensions: -
  • webgl2Renderer: WebGL creation failed: * tryANGLE * Exhausted GL driver options.
  • webgl2Version: -
  • webgl2WSIInfo: -
  • windowLayerManagerRemote: True
  • windowLayerManagerType: Direct3D 11
  • windowUsingAdvancedLayers: True

Modified Preferences

Misc

  • User JS: No
  • Accessibility: Yes
jscher2000
  • Top 10 Contributor
8693 solutions 71066 answers

Is it the drop-down that appears on password fields, for example, on my test page here:

http://www.jeffersonscher.com/res/logintest.html

(Don't enter any real login on that page)

That is to remind you that your login is not protected from interception because there is no encryption on HTTP connections, your username and password are sent out over the network as plain text.

That warning panel should appear below the user name and/or password field, but depending on the site's styling, it might block the field. In that case, you can clear it by tapping the Esc key.

Sometimes if I am on a page with an insecure login form and I enter asdf in both the username and password, the site switches me to a secure error page where I can enter my real login.

If you do not want to see the warning on your HTTP logins, you can remove it permanently as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste insec and pause while the list is filtered

(3) Double-click the security.insecure_field_warning.contextual.enabled preference to switch the value from true to false

(4) Assume this login could be easily stolen and avoid re-using it on important sites

Does that help? Is there still a problem logging in?

Is it the drop-down that appears on password fields, for example, on my test page here: http://www.jeffersonscher.com/res/logintest.html (Don't enter any real login on that page) <center><img src="https://prod-cdn.sumo.mozilla.net/uploads/images/2019-01-05-08-31-16-2dfa99.png" width="350"></center> That is to remind you that your login is not protected from interception because there is no encryption on HTTP connections, your username and password are sent out over the network as plain text. <p>That warning panel should appear below the user name and/or password field, but depending on the site's styling, it might block the field. <u>In that case, you can clear it by tapping the Esc key</u>.</p> Sometimes if I am on a page with an insecure login form and I enter asdf in both the username and password, the site switches me to a secure error page where I can enter my real login. If you do not want to see the warning on your HTTP logins, you can remove it permanently as follows: <p>(1) In a new tab, type or paste <strong>about:config</strong> in the address bar and press Enter/Return. Click the button promising to be careful.<br><br>(2) In the search box above the list, type or paste <strong>insec</strong> and pause while the list is filtered<br><br>(3) Double-click the <strong>security.insecure_field_warning.contextual.enabled</strong> preference to switch the value from true to false<br><br>(4) Assume this login could be easily stolen and avoid re-using it on important sites</p> Does that help? Is there still a problem logging in?

Modified by jscher2000

Question owner

Thank you for your quick response. Neither of the things you suggested has worked. Here is a screen shot: https://prod-cdn.sumo.mozilla.net/uploads/images/2019-01-05-08-50-09-9b6441.png

Thank you for your quick response. Neither of the things you suggested has worked. Here is a screen shot: https://prod-cdn.sumo.mozilla.net/uploads/images/2019-01-05-08-50-09-9b6441.png
jscher2000
  • Top 10 Contributor
8693 solutions 71066 answers

Hmm, that appears when you load the page, or when you fill and submit the login form?

Secure-to-Insecure Form Submit Warning

That dialog normally appears when you have filled a form on a secure page -- has an HTTPS address -- but the form is being submitted to an insecure page -- has an HTTP address. Firefox wants you to know the submission will not be private.

However, the login form on this page submits to a secure -- HTTPS -- address, so that doesn't seem to be the explanation here.

Something Else

In your screenshot, I don't see any data in the form, so it's not clear why you are getting that dialog. Possibly a bad add-on is modifying the page to steal information from you. To investigate that:

Could you test in Firefox's Safe Mode? In its Safe Mode, Firefox temporarily deactivates extensions, hardware acceleration, and some other advanced features to help you assess whether these are causing the problem.

If Firefox is not running: Hold down the Shift key when starting Firefox. (On Mac, hold down the option/alt key instead of the Shift key.)

If Firefox is running: You can restart Firefox in Safe Mode using either:

  • "3-bar" menu button > "?" Help button > Restart with Add-ons Disabled
  • (menu bar) Help menu > Restart with Add-ons Disabled

and OK the restart.

Both scenarios: A small dialog should appear. Click "Start in Safe Mode" (not Refresh).

Any improvement?

Hmm, that appears when you load the page, or when you fill and submit the login form? '''Secure-to-Insecure Form Submit Warning''' That dialog normally appears when you have filled a form on a secure page -- has an HTTPS address -- but the form is being submitted to an insecure page -- has an HTTP address. Firefox wants you to know the submission will not be private. However, the login form on this page submits to a secure -- HTTPS -- address, so that doesn't seem to be the explanation here. '''Something Else''' In your screenshot, I don't see any data in the form, so it's not clear why you are getting that dialog. Possibly a bad add-on is modifying the page to steal information from you. To investigate that: Could you test in Firefox's Safe Mode? In its Safe Mode, Firefox temporarily deactivates extensions, hardware acceleration, and some other advanced features to help you assess whether these are causing the problem. ''If Firefox is not running:'' Hold down the Shift key when starting Firefox. (On Mac, hold down the option/alt key instead of the Shift key.) ''If Firefox is running:'' You can restart Firefox in Safe Mode using either: * "3-bar" menu button > "?" Help button > Restart with Add-ons Disabled * (menu bar) Help menu > Restart with Add-ons Disabled and OK the restart. ''Both scenarios:'' A small dialog should appear. Click "Start in Safe Mode" (''not'' Refresh). Any improvement?

Question owner

Thank you again for response. This happens when you fill and submit the login form. The password disappears and does not send. Nothing is allowed until the error box is cleared. There is no difference in safe mode.

Thank you again for response. This happens when you fill and submit the login form. The password disappears and does not send. Nothing is allowed until the error box is cleared. There is no difference in safe mode.
cor-el
  • Top 10 Contributor
  • Moderator
17473 solutions 157934 answers

That is the formPostSecureToInsecureWarning.message

  • chrome://global/locale/browser.properties

As posted above, this form is submitted to a secure link and thus shouldn't cause this message to appear.

If you use extensions ("3-bar" menu button or Tools -> Add-ons -> Extensions) that can block (wanted) content (Adblock Plus, NoScript, Disconnect, Ghostery, Privacy Badger, uBlock Origin) always make sure such extensions do not block (wanted) content.

That is the formPostSecureToInsecureWarning.message * chrome://global/locale/browser.properties As posted above, this form is submitted to a secure link and thus shouldn't cause this message to appear. If you use extensions ("3-bar" menu button or Tools -> Add-ons -> Extensions) that can block (wanted) content (Adblock Plus, NoScript, Disconnect, Ghostery, Privacy Badger, uBlock Origin) always make sure such extensions do not block (wanted) content. *make sure your extensions and filters are updated to the latest version *https://support.mozilla.org/en-US/kb/troubleshoot-extensions-themes-to-fix-problems
jscher2000
  • Top 10 Contributor
8693 solutions 71066 answers

Hi e_minor_pentatonic, could you try this page:

https://www.christiandl.com/login2/

(That's the page I get when logging in with asdf asdf as my credentials.)

Note: This server uses an IPv6 address. I don't whether that is a factor in the problem on your Firefox. cor-el may have a better idea.

Hi e_minor_pentatonic, could you try this page: https://www.christiandl.com/login2/ (That's the page I get when logging in with asdf asdf as my credentials.) ''Note: This server uses an IPv6 address. I don't whether that is a factor in the problem on your Firefox. cor-el may have a better idea.''

Question owner

does the same thing

does the same thing
jscher2000
  • Top 10 Contributor
8693 solutions 71066 answers

It's troubling that a form submission which is supposed to go to an HTTPS address is instead, on your Firefox, going to an HTTP address. It seems something is modifying the page for some reason.

Do you have any external software that intercepts your browsing? For example, security suites or parental filtering.

It's troubling that a form submission which is supposed to go to an HTTPS address is instead, on your Firefox, going to an HTTP address. It seems something is modifying the page for some reason. Do you have any external software that intercepts your browsing? For example, security suites or parental filtering.

Question owner

No I don't. This happens on other computers as well and with other browsers

No I don't. This happens on other computers as well and with other browsers

Question owner

I also turned off all virus protection and it did not help. Started windows in safe mode, no success

I also turned off all virus protection and it did not help. Started windows in safe mode, no success
jscher2000
  • Top 10 Contributor
8693 solutions 71066 answers

Could you power-cycle your router? By that I mean, disconnect it from A/C power for 10 seconds, then plug it back in to reboot it.

Could you power-cycle your router? By that I mean, disconnect it from A/C power for 10 seconds, then plug it back in to reboot it.

Question owner

I have also tried this as well. Others on the forum don't seem to have have the same problem

I have also tried this as well. Others on the forum don't seem to have have the same problem
jscher2000
  • Top 10 Contributor
8693 solutions 71066 answers

You definitely should not have this problem. I consider it suspicious, as though there is a program or process that wants to steal your passwords by submitting them insecurely.

Perhaps the next step is to check for malware: Troubleshoot Firefox issues caused by malware.

You definitely should not have this problem. I consider it suspicious, as though there is a program or process that wants to steal your passwords by submitting them insecurely. Perhaps the next step is to check for malware: [[Troubleshoot Firefox issues caused by malware]].
cor-el
  • Top 10 Contributor
  • Moderator
17473 solutions 157934 answers

What do you see in the form when you right-click in one of the input fields and open the Inspector?

Go up in the DOM tree until you see the 'form' tag like in the screenshot I posted above.

What do you see in the form when you right-click in one of the input fields and open the Inspector? Go up in the DOM tree until you see the 'form' tag like in the screenshot I posted above. *https://developer.mozilla.org/en-US/Tools/Page_Inspector

Question owner

here it is https://prod-cdn.sumo.mozilla.net/uploads/images/2019-01-05-13-00-11-8e2dcf.png
cor-el
  • Top 10 Contributor
  • Moderator
17473 solutions 157934 answers

OK. This hows that the form is submitted to

This is different than what we see.


Clear the Cache and remove the Cookies from websites that cause problems via the "3-bar" Firefox menu button (Options/Preferences).

"Remove the Cookies" from websites that cause problems:

  • Options/Preferences -> Privacy & Security
    Cookies and Site Data -> Manage Data

"Clear the Cache":

  • Options/Preferences -> Privacy & Security
    Cookies and Site Data -> Clear Data -> Cached Web Content: Clear

You can remove all data stored in Firefox from a specific domain via "Forget About This Site" in the right-click context menu of an history entry ("History -> Show All History" or "View -> Sidebar -> History").

Using "Forget About This Site" will remove all data stored in Firefox from this domain like history and cookies and passwords and exceptions and cache, so be cautious. If you have a password or other data from that domain that you do not want to lose then make sure to backup this data or make a note.

You can't recover from this 'forget' unless you have a backup of involved files.

If you revisit a 'forgotten' website then data from that website will be saved once again.

OK. This hows that the form is submitted to *http://christiandl.com/login2/ This is different than what we see. ---- Clear the Cache and remove the Cookies from websites that cause problems via the "3-bar" Firefox menu button (Options/Preferences). "Remove the Cookies" from websites that cause problems: *Options/Preferences -> Privacy & Security<br>Cookies and Site Data -> Manage Data "Clear the Cache": *Options/Preferences -> Privacy & Security<br>Cookies and Site Data -> Clear Data -> Cached Web Content: Clear You can remove all data stored in Firefox from a specific domain via "Forget About This Site" in the right-click context menu of an history entry ("History -> Show All History" or "View -> Sidebar -> History"). Using "Forget About This Site" will remove all data stored in Firefox from this domain like history and cookies and passwords and exceptions and cache, so be cautious. If you have a password or other data from that domain that you do not want to lose then make sure to backup this data or make a note. You can't recover from this 'forget' unless you have a backup of involved files. If you revisit a 'forgotten' website then data from that website will be saved once again. *https://support.mozilla.org/en-US/kb/delete-browsing-search-download-history-firefox

Question owner

Thank you for trying to help, however, these suggestions have not cured the issue.

Thank you for trying to help, however, these suggestions have not cured the issue.
jscher2000
  • Top 10 Contributor
8693 solutions 71066 answers

Hi e_minor_pentatonic, it's difficult to understand how the code of the forms is different but look the same on the page (code screenshot comparison attached). It still seems suspicious, particularly if it happens on multiple sites.

Hi e_minor_pentatonic, it's difficult to understand how the code of the forms is different but look the same on the page (code screenshot comparison attached). It still seems suspicious, particularly if it happens on multiple sites.
sadolino 0 solutions 41 answers

Hi e_minor_pentatonic,

look on this thread, i give in some Solutions.

Insecure connection

Reply back,pls.

Hi e_minor_pentatonic, look on this thread, i give in some Solutions. [https://support.mozilla.org/de/questions/1241277#answer-1189159 Insecure connection] Reply back,pls.