X
Tap here to go to the mobile version of the site.

Support Forum

This thread was closed and archived. Please ask a new question if you need help.

How to re-enable warnings about insecure HTTP(S) contents in Firefox 19?

Posted

Firefox 19 seems to have dropped the warnings about insecure HTTP(S) contents, i.e. warn about submitting form data over HTTP (no S!), mixed secure and insecure contents, leaving a HTTPS page and so on. How can I get these warnings back? Or are there now different warning mechanisms (e.g. showing an insecure form submission in adance, that means at the time of filling it in)?

Firefox 19 seems to have dropped the warnings about insecure HTTP(S) contents, i.e. warn about submitting form data over HTTP (no S!), mixed secure and insecure contents, leaving a HTTPS page and so on. How can I get these warnings back? Or are there now different warning mechanisms (e.g. showing an insecure form submission in adance, that means at the time of filling it in)?

Additional System Details

Installed Plug-ins

  • Shockwave Flash 11.2 r202
  • This plugin provides integration with Gnome Shell for live extension enabling and disabling. It can be used only by extensions.gnome.org
  • Version 2.0.1 Twoflower, copyright 1996-2011 VideoLAN and Authorshttp://www.videolan.org/vlc/

Application

  • User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:19.0) Gecko/20100101 Firefox/19.0

More Information

cor-el
  • Top 10 Contributor
  • Moderator
12148 solutions 112820 answers

Those warnings are gone, so you can't restore them.

  • bug 799009 - Remove support for obsolete SSL-related warning prompts
Warning, you are about to enter a secure site
Warning, you are about to leave a secure site
Warning, you are about to submit a form to an insecure site, when you are already on an insecure site.
Warning, you are viewing a site with mixed content.
Those warnings are gone, so you can't restore them. *[https://bugzilla.mozilla.org/show_bug.cgi?id=799009 bug 799009] - Remove support for obsolete SSL-related warning prompts Warning, you are about to enter a secure site Warning, you are about to leave a secure site Warning, you are about to submit a form to an insecure site, when you are already on an insecure site. Warning, you are viewing a site with mixed content.
philipp
  • Top 10 Contributor
  • Moderator
2957 solutions 13779 answers

Helpful Reply

firefox will now allow you to block active mixed content though - enter about:config into the firefox location bar (confirm the info message in case it shows up) & search for the preference named security.mixed_content.block_active_content. double-click it and change its value to true.

firefox will now allow you to block active mixed content though - enter '''about:config''' into the firefox location bar (confirm the info message in case it shows up) & search for the preference named '''security.mixed_content.block_active_content'''. double-click it and change its value to '''true'''.
cor-el
  • Top 10 Contributor
  • Moderator
12148 solutions 112820 answers
See also: *https://developer.mozilla.org/en/Site_Compatibility_for_Firefox_18#FYI.3A_Preferences_to_prevent_non-SSL_contents_on_SSL_pages_from_loading_have_been_added *https://developer.mozilla.org/en-US/docs/Security/MixedContent

Modified by cor-el

Question owner

OK, thanks a lot about the explanations, but in my opinion there are still two things open:

  1. Leaving a secure site. The former dialog did only inform one, but a prompt would be better, so that one can choose. Since you folks think it's outdated and I disagree the prompt could be disabled by default but security-aware people may enable it.
  2. Submitting form data to an insecure site. The warning at submit time is maybe too late, so why not show a symbol on the site before/while filling it in?
OK, thanks a lot about the explanations, but in my opinion there are still two things open: # Leaving a secure site. The former dialog did only inform one, but a prompt would be better, so that one can choose. Since you folks think it's outdated and I disagree the prompt could be disabled by default but security-aware people may enable it. # Submitting form data to an insecure site. The warning at submit time is maybe too late, so why not show a symbol on the site before/while filling it in?