We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Este site está com funcionalidades limitadas enquanto realizamos manutenção para melhorar sua experiência de uso. Se nenhum artigo resolver seu problema e você quiser fazer uma pergunta, nossa comunidade de suporte pode te ajudar em @FirefoxSupport no Twitter e /r/firefox no Reddit.

Avatar for Username

Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

is there any addon (or somthing else) to SIMULATE ie9s "display only secure content"

  • 5 respostas
  • 2 têm este problema
  • 1 exibição
  • Última resposta de wwabbit

wwabbit
wwabbit
more options

i tried https everywhere and forcing with no script fruitlessly

since firefox does not display a detailed message, here is a screen shot from chrome: http://image.bayimg.com/baadpaaee.jpg

here the OFFICIAL answer from m$: "This message is telling you that there may be both secure and non-secure content on the page. Secure and non-secure content, or mixed content, means that a webpage is trying to display elements using BOTH secure (HTTPS/SSL) and non-secure (HTTP) web server connections. This OFTEN happens with online stores or financial sites that display IMAGES, banners, or scripts that are coming from a server that is not secured. The risk of displaying mixed content is that a non-secure webpage or script might be able to access information from the secure content."

certain thumbnails of close friend notifications and app requests NULLIFY the encryption and firefox doesnt padlock unlike chrome

so how to FILTER unencrypted info FROM the encrypted :)

"An attacker can replace any unprotected, unsecure HTTP content on an otherwise secure, HTTPS page with a “poisoned” version. For example, when you visit https://www.youtube.com with different browsers and a man-in-the-middle attacker present, you’ll see different results. Most other browsers just show the unprotected content automatically, allowing a spoofing or information disclosure attack"

this pees me out :D

i tried https everywhere and forcing with no script fruitlessly since firefox does not display a detailed message, here is a screen shot from chrome: http://image.bayimg.com/baadpaaee.jpg here the OFFICIAL answer from m$: "This message is telling you that there may be both secure and non-secure content on the page. Secure and non-secure content, or mixed content, means that a webpage is trying to display elements using BOTH secure (HTTPS/SSL) and non-secure (HTTP) web server connections. This OFTEN happens with online stores or financial sites that display IMAGES, banners, or scripts that are coming from a server that is not secured. The risk of displaying mixed content is that a non-secure webpage or script might be able to access information from the secure content." certain thumbnails of close friend notifications and app requests NULLIFY the encryption and firefox doesnt padlock unlike chrome so how to FILTER unencrypted info FROM the encrypted :) "An attacker can replace any unprotected, unsecure HTTP content on an otherwise secure, HTTPS page with a “poisoned” version. For example, when you visit https://www.youtube.com with different browsers and a man-in-the-middle attacker present, you’ll see different results. Most other browsers just show the unprotected content automatically, allowing a spoofing or information disclosure attack" this pees me out :D

Alterado por wwabbit em

Todas as respostas (5)

the-edmeister
the-edmeister
  • Moderator
more options

Firefox's Site Identity button gives that warning by displaying a grey warning triangle icon in the URL bar. Click on that icon to see the full explanation.
https://support.mozilla.com/en-US/kb/Site+Identity+Button

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

A built-in mixed content blocker is planned for future release (see Security/Features/Mixed Content Blocker - MozillaWiki). In the meantime, an add-on is a good idea. I'm going to poke around when I get a chance.

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You can check the security.warn_viewing_mixed pref on the about:config page to see if it is set to true if you want to be warned in cases like that.

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Hmm, well, many hours later, I have a Greasemonkey userscript that clears many insecure elements, but it doesn't work on scripts. By the time I edit or delete the script tag, Firefox has already requested the script. So I think it will take a real add-on.

wwabbit
wwabbit Autor da pergunta
more options

the ONLY dude who has REAL answers is JSCHER2000 kudos, son :) and btw what usercript is it, i do have grease monkey :)