[HTTPS-Everywhere] Mixed Content / HTTP redirects
Drake, Brian
brian2 at drakefamily.tk
Sat Dec 18 08:25:32 PST 2010
The subject line indicates two areas where Internet Explorer is
actually better than Firefox. You can help!
With mixed content, Internet Explorer has an option to block it or
prompt before displaying it. The most Firefox does is warn you about
it. I have not been able to find a Firefox add-on to help, while HTTPS
Everywhere’s FAQ simply says that the user would have been vulnerable
to it anyway (not true for someone like me who switched from Internet
Explorer).
When an HTTPS address returns a redirect to an HTTP address that
itself returns a redirect, this time to an HTTPS page, Internet
Explorer will act the same as in any other situation where it
navigates from an HTTPS page to an HTTP page and back again, including
displaying warnings, if these are turned on (example: signing in to
Gmail). Firefox completely ignores it. Firefox add-ons are very
powerful, so presumably they could help here too, though again, I have
not been able to find one that deals with this.
I think HTTPS Everywhere ought to be updated to deal with both of these issues.
More information about the HTTPS-everywhere
mailing list