Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

Firefox Follows Chrome and Prepares to Block Insecure Downloads

posted by janrinok on Monday August 23 2021, @11:59PM   Printer-friendly

owl writes:

https://therecord.media/firefox-follows-chrome-and-prepares-to-block-insecure-downloads/

Mozilla developers are putting the finishing touches on a new feature that will block insecure file downloads in Firefox.

Called mixed content downloaded blocking, the feature works by blocking files downloads initiated from an encrypted HTTPS page but which actually take place via an unencrypted HTTP channel.

The idea behind this feature is to prevent Firefox users from getting misled by the URL bar and think they're downloading a file securely via HTTPS when, in reality, the file could be tampered with by third parties while in transit.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Firefox Follows Chrome and Prepares to Block Insecure Downloads | Log In/Create an Account | Top | 26 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Insightful) by Anonymous Coward on Tuesday August 24 2021, @12:43AM (4 children)

    by Anonymous Coward on Tuesday August 24 2021, @12:43AM (#1170082)

    If I want to distribute a file, will I be allowed to purchase a license associate with my real name so that Firefox will unblock it? I hope so.

    Starting Score:    0  points
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Insightful' Modifier   0  
    Total Score:   2  

  • (Score: 2) by Tork on Tuesday August 24 2021, @12:48AM (3 children)

    by Tork (3914) Subscriber Badge on Tuesday August 24 2021, @12:48AM (#1170086)
    Are you forced to distribute it from an HTTPS site?
    --
    🏳️‍🌈 Proud Ally 🏳️‍🌈

    • (Score: 1, Touché) by Anonymous Coward on Tuesday August 24 2021, @01:15AM (2 children)

      by Anonymous Coward on Tuesday August 24 2021, @01:15AM (#1170096)

      Are you forced to distribute it from an HTTPS site?

      What, are YOU not? Most sites are HTTPS-only these days.

      Constantly playing stupid for contrariness sake is a risky game; in time the mask may become the face.

      • (Score: 2) by Tork on Tuesday August 24 2021, @02:22AM (1 child)

        by Tork (3914) Subscriber Badge on Tuesday August 24 2021, @02:22AM (#1170116)
        Yeah yeah, you gotta master your fears before they master you and other cosmetic attempts to beef up your wisdom. If you're using a hosting service you're probably already good. If you're spinning up your own server then you're not required to use HTTPS... or if you are you've already solved your own problem. You're either over-reacting or there's another case I'm oblivious to and I don't mind eating a lil humble pie if I can learn somethin'.
        --
        🏳️‍🌈 Proud Ally 🏳️‍🌈

        • (Score: 3, Funny) by coolgopher on Tuesday August 24 2021, @04:11AM

          by coolgopher (1157) on Tuesday August 24 2021, @04:11AM (#1170150)

          As long as they're not blocking explicit HTTPS->HTTP link clicks it should be fine. I'd say "surely they wouldn't be stupid enough to do otherwise", but it is Mozilla we're talking about...