640

Say (an encrypted) hello to a more private internet. (blog.mozilla.org)

submitted 11 months ago by buh@lemmy.world to c/firefox@lemmy.ml

64 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] towerful@programming.dev 4 points 11 months ago

I think I phrased it wrong, or there is a confusion with terms.
If a page is loaded with HTTPS, then images/CSS/JS/iFrames (resources) will not load over HTTP. The resources also have to be served via HTTPS.
If a page is loaded over HTTP, then resources (images/CSS/JS/iFrames) can be loaded over HTTPS.

My objection was to the "even if a server has HTTPS, some resources will still load over HTTP"

[-] Chobbes@lemmy.world 4 points 11 months ago

As far as I know, this is not strictly true either. I believe most browsers currently block mixed active content like JavaScript or iframes, but will happily load images and such over HTTP (although I would not be surprised if this is changing).

this post was submitted on 03 Oct 2023

640 points (98.9% liked)

Firefox

17296 readers

781 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago

MODERATORS

k_o_t@lemmy.ml