We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

HTTPS mode in all windows only failure

more options

When going to a site with FF, 90 which has partial secure information FF still allows access even though the site is not completely https. this should not be allowed HTTPS only should work if the site is completely compliant with HTTPS.

The example site is https://www.brampton.ca//en/online-services/pages/bramcams.aspx

If you click on one of the camera images with "https mode in all windows only" set, no image is displayed and the icon suggest HTTPS but the site is only partial https.

With "https mode in all windows" no configured you get the secure lock icon with the exclamation. see enclosed.

When going to a site with FF, 90 which has partial secure information FF still allows access even though the site is not completely https. this should not be allowed HTTPS only should work if the site is completely compliant with HTTPS. The example site is https://www.brampton.ca//en/online-services/pages/bramcams.aspx If you click on one of the camera images with "https mode in all windows only" set, no image is displayed and the icon suggest HTTPS but the site is only partial https. With "https mode in all windows" no configured you get the secure lock icon with the exclamation. see enclosed.
첨부된 스크린샷

모든 댓글 (6)

more options

Note that clicking the padlock and selecting "HTTPS-Only Mode: Off temporarily" is sufficient to load the camera images (they are accessed via http://192.82.150.11:xxxx).

more options

For me, HTTPS Only mode blocks insecure embedded images.

For confirmation, I have this old test page (third image is insecure and can't be upgraded to HTTPS): https://www.jeffersonscher.com/res/mixed-display.html

more options

I see what you mean but I think FF should refuse to display the page if it is mixed https as the configuration setting is ""https-only mode in all windows"

more options

The mixed content is blocked. You would prefer to see nothing at all than only the secure content?

more options

Correct. Like Co-rel says I can override it if I wish.

more options

Seems like a lot of extra work. Definitely would not want it to default to that behavior.