[HTTPS-Everywhere] Progress on erroneous "false mixed" content blocking
Peter Eckersley
pde at eff.org
Fri Oct 24 10:21:10 PDT 2014
For a long time, we've had a huge problem with browsers blocking HTTP
script and CSS content in HTTPS pages, even though we were about to
rewrite those resources to HTTPS URLs.
Mozilla has finally landed a patch for this, which is in Mozilla 36
(current nightly):
https://bugzilla.mozilla.org/show_bug.cgi?id=418354
https://bugzilla.mozilla.org/show_bug.cgi?id=878890
What this means is that on Firefox 36+, the rulesets that MB has been
calling "false mixed" should actually work. Let's check that, and if
it's right, we can create a new "platform" for rulesets -- we could call
it "transient-mixed" or somegthing -- and enable those rulesets on FF
36+.
No progress on the Chrome version of this bug yet though :(
https://code.google.com/p/chromium/issues/detail?id=122548
--
Peter Eckersley pde at eff.org
Technology Projects Director Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
More information about the HTTPS-Everywhere
mailing list