The recently released Firefox 91 enabled HTTPS-only mode in private browsing mode. With the launch of the next Firefox 92 version, Firefox may further improve security by preventing mixed unsafe downloads. Previously, because it provided support for Google Safe Browsing, the Firefox browser has blocked dangerous, potentially unwanted and unusual downloads.
Now, Mozilla is further expanding the download protection of the Firefox browser, by displaying an error directly on the download panel, detecting and rejecting downloading files through insecure connections of HTTPS websites, the file has not been downloaded. Potential security risks, the error reads.
When the user clicks on it, the Firefox browser explains the details of the error as follows:
This file uses an insecure connection. It may be damaged or tampered with during the download process. You can search for other download sources, or try again later. Users can obtain the file by clicking Allow Download at their own risk. The Firefox browser download panel also provides an option to delete it from the device to ensure your safety.
Most websites now use HTTPS instead of HTTP, but HTTPS pages may still provide HTTP content, which is called mixed content. Most browsers, including Firefox, warn when they detect mixed content. Until one day, Mozilla limited the download blocking of mixed content to Nightly. Recently, this feature was enabled in Firefox 92 Beta, and it may be normalized with the release of the final version.
The Firefox browser developers claim that, based on their telemetry data, the security feature blocked about 1.5% of downloads. In the test version of Firefox 92, you can now choose to enable or disable the insecure download protection feature:
- Visit about:config
- Click Accept the risk and continue
- Type insecure in the search box.
In the list, find and modify the default value of dom.block_download_insecure to true. On the contrary, switch the default value to false to prevent or prevent Firefox from blocking unsafe downloads, but for your safety, it is not recommended to do the above operations.
