본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Mixed SSL content not blocked by Firefox

  • 4 답장
  • 2 이 문제를 만남
  • 7 보기
  • 최종 답변자: philipp

more options

This is a long standing problem for Firefox and makes me stay away from it for any online commerce/banking transactions. Internet Explorer is the safest in this case as it gives the user an option to block the insecure content before loading it, but Firefox just shows a useless mixed content warning but still loads the insecure page. I have seen bugzilla items pointing to this and Mozilla's stringent 'NO' to fixing this glaring security hole. I want to know when this issue will be resolved and what is Mozilla doing in the interim to thwart problems with such sites?

This is a long standing problem for Firefox and makes me stay away from it for any online commerce/banking transactions. Internet Explorer is the safest in this case as it gives the user an option to block the insecure content before loading it, but Firefox just shows a useless mixed content warning but still loads the insecure page. I have seen bugzilla items pointing to this and Mozilla's stringent 'NO' to fixing this glaring security hole. I want to know when this issue will be resolved and what is Mozilla doing in the interim to thwart problems with such sites?

모든 댓글 (4)

more options

hey techybrainz, this is probably the wrong place to get this question answered, since it is essentially a users-helping-users forum & developers won't read here... please go to firefox > help > send feedback to make suggestions or request features.

but from what i can read out of the relevant bugzilla entries, there is no 'NO' on this item, quite the opposite ("We really want this, but we need the core bugs fixed to allow this..."). those outstanding core-bugs apparently got fixed and will land in firefox 18, so there is a good chance that this can actually be implemented afterwards...

more options

Hey madperson, thanks for the quick and encouraging response. Excuse me for the delayed response. Have put a complaint via the Help->Feedback method. Must admit that I am a bit surprised that none of the devs give this forum a visit. 321022 is the one I was referring in bugzilla. I see that the dependencies are crossed out as done (you are right, and its vide Firefox 18) around September, but there is no traction on implementing 321022 as its still un-assigned.

글쓴이 techybrainz 수정일시

more options

See also bug 62178 (implement mechanism to prevent sending insecure requests from a secure context)

(please do not comment in bug reports)

more options

hello, starting with firefox 18 this feature will begin landing in the browser. https://blog.mozilla.org/futurereleases/2012/11/26/firefox-beta-adds-ionmonkey-to-improve-javascript-performance/

in about:config you can toggle security.mixed_content.block_active_content & security.mixed_content.block_display_content to true, at a later stage there will also be a visual UI created fro mixed content (see bug #782654 & the design specs pdf)