As a quick follow up we added a deprecation notice into 60 with
https://bugzilla.mozilla.org/show_bug.cgi?id=1441794 this will ride the
trains and provide more telemetry on the breakage.
There is a little more breakage than we would like so adding this warning
provides page and frame breakage rates
My understanding is all other browsers will still would load this request.
Chrome marks this as Mixed Passive and warns in the console whilst the
request still can be seen in the network panel. I was only testing with a
self signed certificate so unsure if the URL bar would display as "Not
Secure"
How does this behavior compare with other browsers?
Alex
On Mon, Nov 27, 2017 at 7:47 AM, Jonathan Kingston wrote:
> Currently our mixed content blocker implementation treats object
> subrequests as mixed passive content. As part of our plan to deprecate
> insecure connections we are going to b
Currently our mixed content blocker implementation treats object
subrequests as mixed passive content. As part of our plan to deprecate
insecure connections we are going to block insecure subrequests in flash.
Mostly because such subrequests can contain data or functionality which
might be dangerou
4 matches
Mail list logo
