Opera Browser: "Blocked insecure content" - What is it? How to see?

cratte

cratte last edited by

hi.
Several times there comes the warning "Blocked insecure content" on the reight edge of the address bar.
You can allow it or not - without knowing exactly what it is?
How could i see what contest is insecure?
Is there an Addon?
I want to choose by knowing whats theatening.
thx

burnout426

burnout426 Volunteer last edited by

When you're on an https page and it tries to load something from http, Opera/Chromium will block it. You then have the option to temporarily allow it.

You can hit ctrl + shift + i to open the developer tools and look in the console to see if it say anything more specific. If not, you could go to the Network tab, disable cache and refresh the page to see what requests are coming from http. There might be something on the Security tab too.

If you start Opera with the --allow-running-insecure-content command-line switch, you can disable the behavior. Didn't test to see if the switch still works though. Chromium might have disabled it. But, Opera's behavior is enabled for your protection, so you shouldn't disable it.

cratte

cratte @burnout426 last edited by

@burnout426 thx I just want to know what's so dangerous

blackbird71

blackbird71 @cratte last edited by

@cratte said in Opera Browser: "Blocked insecure content" - What is it? How to see?:

... I just want to know what's so dangerous

There are several dangers. One is that an https connection is encrypted, hence 'secure'; whereas an http connection referenced in a site's coding is not secured, and its traffic can be intercepted and read anywhere along the pathway. In the case of a banking website, for example, that raises the possibility that whatever traffic is being accessed/communicated over the http link is unsecured and could be intercepted and misused.

Another danger is that http links present no security certificates to your browser, so they are essentially unvetted in that way. That raises increased possibility of malware existing on the linked http site and being imported into the browser's hosting system (eg: a drive-by attack from an unvetted ad server).

Put another way, an https connection is secured and certificated; each http link present on an https's site code opens an unsecured, potentially unvetted doorway into the browser and system.

cratte

cratte @blackbird71 last edited by

@blackbird71 thank you very much

I use Addon "Smart HTTPS" for secure browsing.
But Opera will also protect me from this threat?

To see which insecure content has been blocked would be fine.
And to decide if allowed or not would be even nicer.
Therefore i asked for an addon.

blackbird71

blackbird71 @cratte last edited by

@cratte said in Opera Browser: "Blocked insecure content" - What is it? How to see?:

@blackbird71 thank you very much

I use Addon "Smart HTTPS" for secure browsing.
But Opera will also protect me from this threat?
...

Smart HTTPS only attempts to cause all browser connections to be https "if available"... if the server for the http URL doesn't have an https option, Smart HTTPS allows the connection to continue as http. That means a malicious http server that refuses the https attempt will be allowed to pass data to/from your browser via the http protocol. Hence, little or no protection is afforded for embedded http calls in an https website's scripting. Opera provides the warning block to prevent such an http access from an https-site's script.

am2

am2 @blackbird71 last edited by

@blackbird71 said in Opera Browser: "Blocked insecure content" - What is it? How to see?:

@cratte said in Opera Browser: "Blocked insecure content" - What is it? How to see?:

@blackbird71 thank you very much

I use Addon "Smart HTTPS" for secure browsing.
But Opera will also protect me from this threat?
...

Smart HTTPS only attempts to cause all browser connections to be https "if available"... if the server for the http URL doesn't have an https option, Smart HTTPS allows the connection to continue as http. That means a malicious http server that refuses the https attempt will be allowed to pass data to/from your browser via the http protocol. Hence, little or no protection is afforded for embedded http calls in an https website's scripting. Opera provides the warning block to prevent such an http access from an https-site's script.

Is there any way to disable this warning form setting? It is annoying and it shows on top of every page I go.