Disable upgrading HTTP images to HTTPS site
Hi!
Is there any settings or about:config settings or addons that disable upgrading HTTP to HTTPS for images? I have HTTPS site which redirects from HTTP to HTTPS from server side so I cant visit it on HTTP mode. This HTTPS only site uses external images from HTTP only site that does not speak HTTPS.
Firefox writes in browser console: > Content Security Policy: Upgrading insecure request ‘http://site.com/someimage.jpg’ to use ‘https’
How do I disable this behavior? Any about:config settings or browser addons to get rid of this?
All Replies (3)
Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?
Sorry, can't post link here.
But important key takeaway is that this page has <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> in it's html source code and I either need some plugin to remove it from source code before Firefox starts to parse HTML or some hack to modify Firefox to ignore this.
It also had Upgrade-Insecure-Requests http header but that I was able to remove with Modify Header Value (HTTP Headers) addon so this meta tag is the only suspect left.
Edeziri
There is this preference in about:config which you can change to false. I don't know whether that is effective against such code on the website. browser.fixup.fallback-to-https
I see that I also have this preference (set to */*). image.http.accept
Edeziri