Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Mixed SSL content not blocked by Firefox

  • 4 个回答
  • 2 人有此问题
  • 7 次查看
  • 最后回复者为 philipp

more options

This is a long standing problem for Firefox and makes me stay away from it for any online commerce/banking transactions. Internet Explorer is the safest in this case as it gives the user an option to block the insecure content before loading it, but Firefox just shows a useless mixed content warning but still loads the insecure page. I have seen bugzilla items pointing to this and Mozilla's stringent 'NO' to fixing this glaring security hole. I want to know when this issue will be resolved and what is Mozilla doing in the interim to thwart problems with such sites?

This is a long standing problem for Firefox and makes me stay away from it for any online commerce/banking transactions. Internet Explorer is the safest in this case as it gives the user an option to block the insecure content before loading it, but Firefox just shows a useless mixed content warning but still loads the insecure page. I have seen bugzilla items pointing to this and Mozilla's stringent 'NO' to fixing this glaring security hole. I want to know when this issue will be resolved and what is Mozilla doing in the interim to thwart problems with such sites?

所有回复 (4)

more options

hey techybrainz, this is probably the wrong place to get this question answered, since it is essentially a users-helping-users forum & developers won't read here... please go to firefox > help > send feedback to make suggestions or request features.

but from what i can read out of the relevant bugzilla entries, there is no 'NO' on this item, quite the opposite ("We really want this, but we need the core bugs fixed to allow this..."). those outstanding core-bugs apparently got fixed and will land in firefox 18, so there is a good chance that this can actually be implemented afterwards...

more options

Hey madperson, thanks for the quick and encouraging response. Excuse me for the delayed response. Have put a complaint via the Help->Feedback method. Must admit that I am a bit surprised that none of the devs give this forum a visit. 321022 is the one I was referring in bugzilla. I see that the dependencies are crossed out as done (you are right, and its vide Firefox 18) around September, but there is no traction on implementing 321022 as its still un-assigned.

由techybrainz于修改

more options

See also bug 62178 (implement mechanism to prevent sending insecure requests from a secure context)

(please do not comment in bug reports)

more options

hello, starting with firefox 18 this feature will begin landing in the browser. https://blog.mozilla.org/futurereleases/2012/11/26/firefox-beta-adds-ionmonkey-to-improve-javascript-performance/

in about:config you can toggle security.mixed_content.block_active_content & security.mixed_content.block_display_content to true, at a later stage there will also be a visual UI created fro mixed content (see bug #782654 & the design specs pdf)