Open lgarron opened 9 years ago
I think it would be helpful to have a subdomain dedicated to a HTTPs page containing an HTML Form element and a <input type = "password">
field which posts to HTTP. Like this page: https://people.mozilla.org/~tvyas/password/password_insecure.html
Firefox will be adding a warning for this behavior. Chrome already shows the non-secure "page" icon.
https://support.mozilla.org/en-US/kb/insecure-password-warning-firefox
We already have a page for what Firefox will be warning about, which is a password field on an HTTP page:
http://http-password.badssl.com/
HTTPS page to HTTP form is a good use case. Typically, it would generate a popup warning. I'm not sure if that is changing with the upcoming Firefox changes.
Ah! Thank you April. I looked through the list and for some reason I did not see that existing subdomain. My mistake.
Two options:
mixed-______.badssl.com
mixed.badssl.com/_____
Possible kinds of content:
It would also be nice to have combinations of these, or at least a page with
all
.See https://www.bennish.net/mixed-content.html for an example with lots of mixed content.