Thanks for your feedback! I have a proof of concept patch to indicate
which content has been blocked in the webconsole and error console -
. I need to update
the patch and once we've landed that, i think it will be much more
useful for developers to understand what is causing the
errors/failures. We also need to work on documentation
) and let the
developer community know about the feature while it's in aurora, so they
have time to fix mixed active content issues before most users see them.
The design of the Mixed Content Blocker is being discussed in
. The original
design showed the pop-up notification the first three times a user
visited a mixed content; UX is working on a way to make the shield more
noticable without automatically showing the doorhanger. There have been
similar concerns about the plugin icon.
On 2/11/13 1:08 PM, Mike Cooper wrote:
> I enabled the setting and tried out the page with the blocked video. I
> didn't see anything odd in the web console, and the Vimeo iframe
> didn't load. If I hadn't expected this to happen, I would be very
> confused, both as a user and as a developer. I see now that a shield
> appeared in the URL bar, but maybe it would be better to have the door
> hanger pop up automatically the first time it happens? I didn't notice
> the shield at first until I went back to look for it.
> I think the reason nothing showed in the web console is because it was
> an iframe. Maybe in scenarios like this, it would be good to print an
> error, as opposed to just making the request red. This way things that
> don't show up as requests in the web console (or if I have the Net
> filter turned off) are still visible.
> Another thing that would be nice is to have an overlay on the blocked
> element, so there isn't just a blank spot on the page, similar to the
> click-to-play for Flash. This would help me realize something has
> happened instead of just some missing content.
> On Mon, Feb 11, 2013 at 12:50 PM, Brian Smith <bsm...@mozilla.com
> Matthew Claypotch wrote:
> > I commented in the linked bug, but my big question is this. Are we
> > communicating to the user (via web console, ideally) *why* blocked
> > requests are blocked? If not, we should.
> It would be useful to get your teams' opinion on the UI without
> being biased from my explanations of how the UI works, because the
> UX is the core issue here. Please try Nightly and set the
> security.mixed_content.block_active_content=true and let us know
> what you think about the UX. The pages I linked to in my original
> message in this thread are good test cases.
> dev-webdev mailing list