Full secure and Mixed insecure websites
I notice some websites with Full secure or Mixed passive insecure content ? Like Frontier website homepage with Full secure but click with Login and it change to Mixed insecure. How can I use Full secure ALL websites rather than Mixed insecure ? Here two different images. look at URL address Homepage w/ full with green icon and other Login with Mixed grey / yellow icon at same website. Mixed insecure is not safe, right ?? Sorry for my fair English.
All Replies (3)
hi Deafrocks, the mixed content warning indicates that although the site is loaded or supposed to be loaded through a secure/encrypted https-connection it contains passive elements like images that are embedded through a normal http-only-connection - this isn't really a security issue as all active components like scripts that might alter the behaviour of the website and that come through http would be blocked in this circumstance.
however if you want to block insecure passive elements on https websites as well, this would be the way to do it: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.mixed_content.block_display_content. double-click it and change its value to true (it might cause visual breakage on some websites).
I can't believe a company would purposely create any security question on their login page. Probably it was an oversight. Anyway, the insecure retrieval is caused by this line of code:
<link rel="apple-touch-icon" href="http://a2.mzstatic.com/us/r30/Purple49/v4/c1/ee/a2/c1eea24c-8bcb-fb69-ca2e-ea4b9090fb15/icon175x175.jpeg">
Someone over there should fix that!
Modified
I see this message in the Web Console when I filter for 'mixed'.
Loading mixed (insecure) display content “http://a2.mzstatic.com/us/r30/Purple49/v4/c1/ee/a2/c1eea24c-8bcb-fb69-ca2e-ea4b9090fb15/icon175x175.jpeg” on a secure page[Learn More]