Wersije přirunać
Mixed content blocking in Firefox
Wersija 40989:
Wersija 40989 wot wužiwarja davidbruant
Wersija 43064:
Wersija 43064 wot wužiwarja Swarnava
Klučowe słowa:
Zjeće pytanskich wuslědkow:
Firefox automatically blocks insecure or mixed content from secure web pages. We'll explain what that means and what options you have.
Firefox automatically blocks insecure or mixed content from secure web pages. We'll explain what that means and what options you have.
Wobsah:
{for not fx23}
[[T:ApplyToFx|channel=Aurora|slug=aurora]]
{/for}
When you see the shield icon in the address bar, it means that Firefox has blocked content that is insecure on the page you're visiting. We'll explain what that means and what options you have.<br>
[[Image:Mixed Content Blocking]]
=What is mixed content?=
When you visit a page served over HTTP ([[How do I tell if my connection to a website is secure?#w_gray-globe|gray globe]] in the address bar), your connection is open for eavesdropping and [http://en.wikipedia.org/wiki/Man-in-the-middle_attack man-in-the-middle] attacks. Most websites are served over HTTP because they don't involve passing sensitive information back and forth and do not need to be secured. When you visit a page served over HTTPS ([[How do I tell if my connection to a website is secure?#w_gray-padlock|gray padlock]] or [[How do I tell if my connection to a website is secure?#w_green-padlock|green padlock]] in the address bar), like your bank, your connection is authenticated and encrypted and hence safeguarded from eavesdroppers and man-in-the-middle attacks.
However, if the HTTPS page you visit includes HTTP content, the HTTP portion can be read or modified by attackers, even though the main page is served over HTTPS. When an HTTPS page has HTTP content, we call that content “mixed”. The page you are visiting is only partially encrypted and even though it appears to be [[How do I tell if my connection to a website is secure?|secure]], it isn't.
The Mixed Content Blocker blocks potentially harmful HTTP content on HTTPS pages.
=What are the risks?=
An attacker can replace the HTTP content on the page you're visiting so that they can steal your credentials, take over your account, acquire sensitive data about you, or attempt to install malware on your computer.
=What options do I have?=
'''Most websites will continue to work normally without any action on your part.'''
If you need to allow the mixed content to be displayed, you can do that easily:
*Click the '''shield icon''' in the address bar and choose '''Disable protection on this page''' from the dropdown menu.<br>[[Image:Disable protection]]
**The padlock icon in the address bar will change to a yellow warning sign to remind you that insecure content is being displayed.
{note}'''Note:''' For more information about Mixed Content, see [https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23 this blog post].{/note}
{for not fx23}
[[T:ApplyToFx|channel=Aurora|slug=aurora]]
{/for}
When you see the shield icon in the address bar, it means that Firefox has blocked content that is insecure on the page you're visiting. We'll explain what that means and what options you have.<br>
[[Image:Mixed Content Blocking]]
=What is mixed content?=
When you visit a page served over HTTP ([[How do I tell if my connection to a website is secure?#w_gray-globe|gray globe]] in the address bar), your connection is open for eavesdropping and [http://en.wikipedia.org/wiki/Man-in-the-middle_attack man-in-the-middle] attacks. Most websites are served over HTTP because they don't involve passing sensitive information back and forth and do not need to be secured. When you visit a page served over HTTPS ([[How do I tell if my connection to a website is secure?#w_gray-padlock|gray padlock]] or [[How do I tell if my connection to a website is secure?#w_green-padlock|green padlock]] in the address bar), like your bank, your connection is authenticated and encrypted and hence safeguarded from eavesdroppers and man-in-the-middle attacks.
However, if the HTTPS page you visit includes HTTP content, the HTTP portion can be read or modified by attackers, even though the main page is served over HTTPS. When an HTTPS page has HTTP content, we call that content “mixed”. The page you are visiting is only partially encrypted and even though it appears to be [[How do I tell if my connection to a website is secure?|secure]], it isn't.
The Mixed Content Blocker blocks potentially harmful HTTP content on HTTPS pages.
=What are the risks?=
An attacker can replace the HTTP content on the page you're visiting so that they can steal your credentials, take over your account, acquire sensitive data about you, or attempt to install malware on your computer.
=What options do I have?=
'''Most websites will continue to work normally without any action on your part.'''
If you need to allow the mixed content to be displayed, you can do that easily:
*Click the '''shield icon''' in the address bar and choose '''Disable protection on this page''' from the dropdown menu.<br>[[Image:Disable protection]]
**The padlock icon in the address bar will change to a yellow warning sign to remind you that insecure content is being displayed.
{note}'''Note:''' For more information about Mixed Content, see [https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23 this blog post].{/note}
[[Template:ShareArticle|link=http://mzl.la/13jCUSU]]