It's an older article but many in the security community are wondering what's next to break in Firefox?
Daniel
By Sean Michael Kerner | April 09, 2013
http://www.internetnews.com/imagesvr_ce/4731/firefox-small.jpg
A big change is coming for Mozilla Firefox 23 that will force a best practice on web users that is long overdue.
Many websites have long mixed SSL content with non-SSL content on the same page.
That's bad.
It's bad because it effectively nullifies the benefit of having SSL in the first place as the non-encrypted material is likely still valuable (and there is also the likely possibility that a session cookie with login info is part of the non-SSL mix).
The correct best practice is to not mix SSL with non-SSL on the same page, which is something that Firefox 23 will enforce by default.
Full Artitcle
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.