“because there may be HTTPS sites where connections to non-HTTPS servers are considerd by the users as being worth it.” For this, the first two prefs of blocking are out, but maybe third pref of ‘upgrading display content’ can be a potential solution as it will not block http but rather *try* to upgrade passive resources to https if it can on https sites(http sites load just fine with all three prefs switched) atleast that’s what its name suggest. Now You: what is your take on the feature? Good addition? (via Techdows) HTTP downloads that originate on HTTPS pages will be blocked by default users do have the option to override the blocking and to disable the security feature entirely. Chrome users may discard or keep the download, similarly to how Firefox handles these downloads. Chrome displays a notification in the download panel if a file cannot be downloaded because it originates from a HTTP server. Most Chromium-based browsers block downloads from HTTP sources if the originating page uses HTTPS. Google introduced the blocking of downloads in an insecure context earlier this year in Chrome 86. In other words: 15 in 1000 downloads will be blocked once the change lands in Firefox Stable, provided that the percentage value is about the same. Mozilla notes that about 98.5% of all downloads in Firefox Nightly use HTTPS. FALSE: to disable the security feature.TRUE: to keep the security feature enabled.Use the toggle icon to set the value to.Search for dom.block_download_insecure.
Load about:config in the Firefox address bar.