We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Mixed SSL content not blocked by Firefox

  • 4 பதிலளிப்புகள்
  • 2 இந்த பிரச்னைகள் உள்ளது
  • 7 views
  • Last reply by philipp

This is a long standing problem for Firefox and makes me stay away from it for any online commerce/banking transactions. Internet Explorer is the safest in this case as it gives the user an option to block the insecure content before loading it, but Firefox just shows a useless mixed content warning but still loads the insecure page. I have seen bugzilla items pointing to this and Mozilla's stringent 'NO' to fixing this glaring security hole. I want to know when this issue will be resolved and what is Mozilla doing in the interim to thwart problems with such sites?

This is a long standing problem for Firefox and makes me stay away from it for any online commerce/banking transactions. Internet Explorer is the safest in this case as it gives the user an option to block the insecure content before loading it, but Firefox just shows a useless mixed content warning but still loads the insecure page. I have seen bugzilla items pointing to this and Mozilla's stringent 'NO' to fixing this glaring security hole. I want to know when this issue will be resolved and what is Mozilla doing in the interim to thwart problems with such sites?

All Replies (4)

hey techybrainz, this is probably the wrong place to get this question answered, since it is essentially a users-helping-users forum & developers won't read here... please go to firefox > help > send feedback to make suggestions or request features.

but from what i can read out of the relevant bugzilla entries, there is no 'NO' on this item, quite the opposite ("We really want this, but we need the core bugs fixed to allow this..."). those outstanding core-bugs apparently got fixed and will land in firefox 18, so there is a good chance that this can actually be implemented afterwards...

Hey madperson, thanks for the quick and encouraging response. Excuse me for the delayed response. Have put a complaint via the Help->Feedback method. Must admit that I am a bit surprised that none of the devs give this forum a visit. 321022 is the one I was referring in bugzilla. I see that the dependencies are crossed out as done (you are right, and its vide Firefox 18) around September, but there is no traction on implementing 321022 as its still un-assigned.

techybrainz மூலமாக திருத்தப்பட்டது

See also bug 62178 (implement mechanism to prevent sending insecure requests from a secure context)

(please do not comment in bug reports)

hello, starting with firefox 18 this feature will begin landing in the browser. https://blog.mozilla.org/futurereleases/2012/11/26/firefox-beta-adds-ionmonkey-to-improve-javascript-performance/

in about:config you can toggle security.mixed_content.block_active_content & security.mixed_content.block_display_content to true, at a later stage there will also be a visual UI created fro mixed content (see bug #782654 & the design specs pdf)