Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

How safe is a website with some passive insecure content?

more options

On some websites I visit the icon in the address bar is a grey padlock with an orange warning triangle. These same websites show up as unsecured in Chrome and Edge as well. Although I've been assured by the site owner(s), in this case Tracfone, that any information I enter is safe, I kinda need some reassurances that it is indeed before I enter CC financial information.

I've read the section about mixed passive content but remain unclear.

Thanks.

On some websites I visit the icon in the address bar is a grey padlock with an orange warning triangle. These same websites show up as unsecured in Chrome and Edge as well. Although I've been assured by the site owner(s), in this case Tracfone, that any information I enter is safe, I kinda need some reassurances that it is indeed before I enter CC financial information. I've read the section about mixed passive content but remain unclear. Thanks.

所有回覆 (1)

more options

Let's assume the best case scenario, that the insecure content consists of images served by the site itself on HTTP instead of HTTPS. Why are they doing that?!

To confirm what it actually is, you can try this:

Open Firefox's Web Console in the lower part of the tab using either:

  • "3-bar" menu button > Web Developer > Web Console
  • (menu bar) Tools > Web Developer > Web Console
  • (Windows) Ctrl+Shift+k

In the search box that has "Filter output" as its placeholder, type mixed and then reload the page in the upper part of the tab. Firefox should identify the mixed content and you can evaluate whether it is from a trusted site or is something that doesn't belong in the page.

If it's from the site and they were just a bit sloppy (!!), it's unlikely they will try to steal any information about your session with their own site. If it's from a different or unrelated site, that would be suspicious. I think it's preferable not to have any mixed content for important accounts.