Will Mozilla block all mixed content like Chrome does now?

Discussion of features in Mozilla Firefox

User avatar
Posts: 633
Joined: April 3rd, 2005, 12:58 pm
Location: Kansas City, Missouri

Post Posted October 20th, 2020, 8:39 pm

I suspect that the cause of some embedded images not showing up in Google Chrome, but showing up in Firefox is that Google Chrome said they will gradually block all 'mixed content downloads':

So I tested this to find out that Chrome versions before Chrome 83 will display embedded images (hosted on servers I am using) - but all versions 83 and later will not.

I think someone on the forums mentioned that Firefox will also start doing this, and if so when?
Is the host server setting to blame for this, and if so what setting should be changed on the host server?

Testing here with an example:

EDIT: Interestingly - the above example DOES show up on both Firefox and Chrome but when I do the same thing on other forums, it only shows up on Firefox but not on Chrome.
So is it the host server or the forum or web site you are embedding the image on?

On sites where this does NOT work on, it only happens on Chrome versions on which mixed content was being blocked... So Chrome v83 and later.

c627627 wrote:I resolved this issue.
Here are my notes:

In 2020, you *must* install an SSL Certificate where your files are hosted or else they will not show up in Chrome when hotlinked.

So here's what some people find out the hard way:
There are actually 100% free hosting options - but you cannot HOTLINK for free.
Free hotlinking is not guaranteed, so do your search for HOTLINKING whoever is reading this. Hotlinking is when you insert your image from your server, your domain, on another web site, not your own domain, in other words.

I opted for ATSPACE host then was puzzled why I couldn't get answers on why my hotlinked images are only showing on older Chrome browsers or non-Chrome browsers.

Then I found out you MUST have an SSL certificate for your images to show up in Google Chrome.

ATSPACE told me:

We are happy to say that our Control Panel now supports the automated installation of free SSL certificates provided by Let's Encrypt.

Before you begin this process, please make sure that your domain name is fully hosted on our platform. In other words, your domain name must be configured to use our NS (nameserver) records. If you are not sure whether your domain name is using our nameserver records, let us know and we will verify this for you.

Once you are certain that your domain name is fully hosted with us, please follow the steps below:

1. Go to the SSL Manager section of our Control Panel.
2. Click on the domain name that you would like to secure. Note: it is highly recommended that you choose the "non-www" version of your domain name.
3. Open the Upload Your Certificate tab.
4. Scroll past the three SSL input fields and press the Create Free Certificate button.
5. After the page finishes loading, your certificate should be installed! Please allow an hour or so for the Let's Encrypt SSL to come into effect.

Lastly, now that your SSL certificate is installed, you may wish to force a secure HTTPS connection, even if your visitors do not ask for one. This is done differently depending on the web software that you are using. Our recommendation is to do some research and see how you can force HTTPS connections on your CMS. If you require assistance is setting up your CMS to use the Let's Encrypt certificate, please let us know.

SO ALSO MAKE SURE your "Free" Hosting offers a free SSL certificate!!

EDIT2: It works on this forum, but here is a forum where it does not work, so the same image does not show up on latest Chrome: ... php/797784
Open the pod bay doors, Cortana.

Return to Firefox Features

Who is online

Users browsing this forum: No registered users and 1 guest