X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Lolu chungechunge lwavalwa lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

How to re-enable warnings about insecure HTTP(S) contents in Firefox 19?

Kuphostiwe

Firefox 19 seems to have dropped the warnings about insecure HTTP(S) contents, i.e. warn about submitting form data over HTTP (no S!), mixed secure and insecure contents, leaving a HTTPS page and so on. How can I get these warnings back? Or are there now different warning mechanisms (e.g. showing an insecure form submission in adance, that means at the time of filling it in)?

Firefox 19 seems to have dropped the warnings about insecure HTTP(S) contents, i.e. warn about submitting form data over HTTP (no S!), mixed secure and insecure contents, leaving a HTTPS page and so on. How can I get these warnings back? Or are there now different warning mechanisms (e.g. showing an insecure form submission in adance, that means at the time of filling it in)?

Eminye Imininingwane Yohlelo

Fakela amapulagi

  • Shockwave Flash 11.2 r202
  • This plugin provides integration with Gnome Shell for live extension enabling and disabling. It can be used only by extensions.gnome.org
  • Version 2.0.1 Twoflower, copyright 1996-2011 VideoLAN and Authorshttp://www.videolan.org/vlc/

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:19.0) Gecko/20100101 Firefox/19.0

Eminye Imininingwane

cor-el
  • Top 10 Contributor
  • Moderator
17785 izisombululo 160874 izimpendulo
Kuphostiwe

Those warnings are gone, so you can't restore them.

  • bug 799009 - Remove support for obsolete SSL-related warning prompts
Warning, you are about to enter a secure site
Warning, you are about to leave a secure site
Warning, you are about to submit a form to an insecure site, when you are already on an insecure site.
Warning, you are viewing a site with mixed content.
Those warnings are gone, so you can't restore them. *[https://bugzilla.mozilla.org/show_bug.cgi?id=799009 bug 799009] - Remove support for obsolete SSL-related warning prompts Warning, you are about to enter a secure site Warning, you are about to leave a secure site Warning, you are about to submit a form to an insecure site, when you are already on an insecure site. Warning, you are viewing a site with mixed content.
philipp
  • Top 25 Contributor
  • Moderator
5347 izisombululo 23612 izimpendulo
Kuphostiwe

Impendulo Ewusizo

firefox will now allow you to block active mixed content though - enter about:config into the firefox location bar (confirm the info message in case it shows up) & search for the preference named security.mixed_content.block_active_content. double-click it and change its value to true.

firefox will now allow you to block active mixed content though - enter '''about:config''' into the firefox location bar (confirm the info message in case it shows up) & search for the preference named '''security.mixed_content.block_active_content'''. double-click it and change its value to '''true'''.
cor-el
  • Top 10 Contributor
  • Moderator
17785 izisombululo 160874 izimpendulo
Kuphostiwe
See also: *https://developer.mozilla.org/en/Site_Compatibility_for_Firefox_18#FYI.3A_Preferences_to_prevent_non-SSL_contents_on_SSL_pages_from_loading_have_been_added *https://developer.mozilla.org/en-US/docs/Security/MixedContent

Okulungisiwe ngu cor-el

Umnikazi wombuzo

OK, thanks a lot about the explanations, but in my opinion there are still two things open:

  1. Leaving a secure site. The former dialog did only inform one, but a prompt would be better, so that one can choose. Since you folks think it's outdated and I disagree the prompt could be disabled by default but security-aware people may enable it.
  2. Submitting form data to an insecure site. The warning at submit time is maybe too late, so why not show a symbol on the site before/while filling it in?
OK, thanks a lot about the explanations, but in my opinion there are still two things open: # Leaving a secure site. The former dialog did only inform one, but a prompt would be better, so that one can choose. Since you folks think it's outdated and I disagree the prompt could be disabled by default but security-aware people may enable it. # Submitting form data to an insecure site. The warning at submit time is maybe too late, so why not show a symbol on the site before/while filling it in?