Firefox udpate is negatively impacting our learning management system
Hi there,
I help administer Canvas, a learning management system, at Emerson College. With the FF23 update, we have been getting a lot of tickets about links that originally displayed within Canvas not working. Instructure Canvas alerted us that this is a new FF security feature that prevents unsecure content from running or displaying right away. I understand that there is a way to allow "unsecure content" by clicking on the little icon that appears when content is being blocked but it seems as though this little button needs to be clicked every single time you want an iframe to display.
I am wondering if Firefox is considering some sort of global way to allow content for certain websites to just display automatically. Having to click to allow content to be displayed every single time is actually really cumbersome with courses in a learning management system because they often have a lot of weblinks added. So, it destroys the flow being able to go to one space to view course content. Although I appreciate the added security, for the faculty that I support, they are go to see this as a step backwards in terms of the way Canvas works for them and their students. We may have to recommend that they use Safari or Chrome. I'd hate to have to do that because thus far, Firefox has been my favorite browser, and in my opinion, the most reliable. Even if we don't require that they use Chrome or Safari, they're probably going to opt to use those browsers on their own given their course content.
Just wanted to give my two cents and see if there are any additional steps I should be taking to make this transition more seamless for our users. Thank you!
All Replies (1)
hello, the source of the problem is that on a site loaded through a secure connection (https://) a insecure iframe or other element is embedded (through http://), so called mixed content. you can either circumvent that by offering the top-level page through http:// or make sure that there is no mixed content and everything is served through https://.
more information about the issue is available at https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23/