[tor-bugs] #8664 [EFF-HTTPS Everywhere]: Firefox 23 blocks loading of HTTPS/HTTP mixed content, breaking nytimes.com
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Apr 12 15:10:58 UTC 2013
#8664: Firefox 23 blocks loading of HTTPS/HTTP mixed content, breaking nytimes.com
----------------------------------+-----------------------------------------
Reporter: cypherpunks | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version: HTTPS-E 3.1.4
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Comment(by pde):
We've already made [https://trac.torproject.org/projects/tor/ticket/6975
some attempts] to flag all the rulesets that create mixed content
situations for the Chrome port, where the mixed content is blocked by
default and Google
[https://code.google.com/p/chromium/issues/detail?id=144637 refused] to
give us a way to override that or even give the user a better UI for doing
so.
(In Google's defense there are some rare cases where forcing HTTPS and
allowing mixed content is worse than not forcing HTTPS at all; they would
apply to the very rare sites that actually have a secure HTTPS deployment
for part of their site and HTTP for the rest of the site).
Despite that I think on balance we're probably better allowing mixed
content in pages that we forced to be HTTPS in the first place. But the
alternative is to expand and improve the list of "mixedcontent" rules, and
disable them all by default in Firefox.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8664#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list