Welcome to WebmasterWorld Guest from

Forum Moderators: open

Message Too Old, No Replies

Are you delivering http content over https?

Not anymore. Get ready now.

4:22 pm on Apr 16, 2013 (gmt 0)


WebmasterWorld Administrator coopster is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 31, 2003
votes: 2

Security & Privacy

Non-SSL active content on SSL pages is blocked by default

Bug 834836 Turn on pref to block mixed active content

Firefox 18 introduced preferences to block loading content from non-SSL (http) sites on SSL (https) pages. One of those preferences will now be enabled by default in order to enhance user security. That means insecure scripts, stylesheets, plug-in contents, inline frames, Web fonts and WebSockets are blocked on secure pages, and a notification is displayed instead. It will not block "display content" like images, videos or audio.

8:04 pm on Apr 16, 2013 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 14, 2008
votes: 17

It has long been the case that the more responsible browsers (including firefox) warned about mixed content. It has never been good to serve (eg) non-SSL images with an SSL page. I've had that warning enabled for years in firefox and only occasionally accept mixed content if I know the site well.

In any case, if a site is properly designed it should never serve mixed content.

It's good that FF now defaults to that mode but I wonder if they force it upon existing users after an update.

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members