Przeszukaj pomoc

Unikaj oszustw związanych z pomocą.Nigdy nie będziemy prosić Cię o dzwonienie na numer telefonu, wysyłanie SMS-ów ani o udostępnianie danych osobowych. Zgłoś podejrzaną aktywność, korzystając z opcji „Zgłoś nadużycie”.

Więcej informacji

Disable upgrading HTTP images to HTTPS site

  • 3 odpowiedzi
  • 0 osób ma ten problem
  • 8 wyświetleń
  • Ostatnia odpowiedź od Terry

more options

Hi!

Is there any settings or about:config settings or addons that disable upgrading HTTP to HTTPS for images? I have HTTPS site which redirects from HTTP to HTTPS from server side so I cant visit it on HTTP mode. This HTTPS only site uses external images from HTTP only site that does not speak HTTPS.

Firefox writes in browser console: > Content Security Policy: Upgrading insecure request ‘http://site.com/someimage.jpg’ to use ‘https’

How do I disable this behavior? Any about:config settings or browser addons to get rid of this?

Hi! Is there any settings or about:config settings or addons that disable upgrading HTTP to HTTPS for images? I have HTTPS site which redirects from HTTP to HTTPS from server side so I cant visit it on HTTP mode. This HTTPS only site uses external images from HTTP only site that does not speak HTTPS. Firefox writes in browser console: > Content Security Policy: Upgrading insecure request ‘http://site.com/someimage.jpg’ to use ‘https’ How do I disable this behavior? Any about:config settings or browser addons to get rid of this?

Wszystkie odpowiedzi (3)

more options

Can you post a link to a publicly accessible page (i.e. no authentication or signing on required)?

more options

Sorry, can't post link here.

But important key takeaway is that this page has <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> in it's html source code and I either need some plugin to remove it from source code before Firefox starts to parse HTML or some hack to modify Firefox to ignore this.

It also had Upgrade-Insecure-Requests http header but that I was able to remove with Modify Header Value (HTTP Headers) addon so this meta tag is the only suspect left.

Zmodyfikowany przez wybqogzigoxruxdhnp w dniu

more options

There is this preference in about:config which you can change to false. I don't know whether that is effective against such code on the website. browser.fixup.fallback-to-https

I see that I also have this preference (set to */*). image.http.accept

Zmodyfikowany przez Terry w dniu