当サイトはユーザー体験を改善するためのメンテナンスを実施中に機能が制限される予定です。記事を読んでもあなたの問題が解決せず質問をしたい場合は、Twitter の @FirefoxSupport、Reddit の /r/firefox で、サポートコミュニティが皆さんを助けようと待機しています。

Mozilla サポートの検索

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

詳しく学ぶ

このスレッドはアーカイブに保管されました。 必要であれば新たに質問してください。

How safe is a website with some passive insecure content?

more options

On some websites I visit the icon in the address bar is a grey padlock with an orange warning triangle. These same websites show up as unsecured in Chrome and Edge as well. Although I've been assured by the site owner(s), in this case Tracfone, that any information I enter is safe, I kinda need some reassurances that it is indeed before I enter CC financial information.

I've read the section about mixed passive content but remain unclear.

Thanks.

On some websites I visit the icon in the address bar is a grey padlock with an orange warning triangle. These same websites show up as unsecured in Chrome and Edge as well. Although I've been assured by the site owner(s), in this case Tracfone, that any information I enter is safe, I kinda need some reassurances that it is indeed before I enter CC financial information. I've read the section about mixed passive content but remain unclear. Thanks.

すべての返信 (1)

more options

Let's assume the best case scenario, that the insecure content consists of images served by the site itself on HTTP instead of HTTPS. Why are they doing that?!

To confirm what it actually is, you can try this:

Open Firefox's Web Console in the lower part of the tab using either:

  • "3-bar" menu button > Web Developer > Web Console
  • (menu bar) Tools > Web Developer > Web Console
  • (Windows) Ctrl+Shift+k

In the search box that has "Filter output" as its placeholder, type mixed and then reload the page in the upper part of the tab. Firefox should identify the mixed content and you can evaluate whether it is from a trusted site or is something that doesn't belong in the page.

If it's from the site and they were just a bit sloppy (!!), it's unlikely they will try to steal any information about your session with their own site. If it's from a different or unrelated site, that would be suspicious. I think it's preferable not to have any mixed content for important accounts.