How does this behavior compare with other browsers? Alex
On Mon, Nov 27, 2017 at 7:47 AM, Jonathan Kingston <[email protected]> wrote: > Currently our mixed content blocker implementation treats object > subrequests as mixed passive content. As part of our plan to deprecate > insecure connections we are going to block insecure subrequests in flash. > Mostly because such subrequests can contain data or functionality which > might be dangerous for end users. > > Current telemetry suggest that ~0.03% requests would be impacted by this > change of behaviour [1]. To roll that change out we initially are going to > add a pref "security.mixed_content.block_object_subrequest" which will be > enabled for Nightly and Early Beta and ultimately will be flipped on > permanently for FF60. > > We track overall progress here: > https://bugzilla.mozilla.org/show_bug.cgi?id=1190623 > > Thanks > > Jonathan > > [1] > https://telemetry.mozilla.org/new-pipeline/dist.html#! > cumulative=0&end_date=2017-11-15&keys=__none__!__none__!__ > none__&max_channel_version=release%252F57&measure=MIXED_ > CONTENT_OBJECT_SUBREQUEST&min_channel_version=null& > processType=*&product=Firefox&sanitize=1&sort_keys= > submissions&start_date=2017-11-12&table=0&trim=1&use_submission_date=0 > _______________________________________________ > dev-platform mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-platform > _______________________________________________ dev-platform mailing list [email protected] https://lists.mozilla.org/listinfo/dev-platform
