Why are HTTPS sites red instead of black?

Ask for help about NoScript, no registration needed to post
Post Reply
FranL
Senior Member
Posts: 84
Joined: Sun Dec 03, 2017 4:17 pm

Why are HTTPS sites red instead of black?

Post by FranL »

When I visit pages at https://stackoverflow.com/, I see this in the NoScript popup:

Image

I (perhaps incorrectly) expected the ...stackoverflow.com to be black. It changes to black when I lock the Match HTTPS content only, which makes sense. Does a red domain name marked TRUSTED mean NoScript allows both HTTP and HTTPS accesses to that domain — so the red color is kind of a warning that both secure and insecure accesses are allowed?

If so, should I always lock the HTTPS lock in this case, given that the page only uses HTTPS to access ...stackoverflow.com?
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Top
barbaz
Senior Member
Posts: 11064
Joined: Sat Aug 03, 2013 5:45 pm

Re: Why are HTTPS sites red instead of black?

Post by barbaz »

Not seeing this in a clean profile. Most likely you simply already had those permissions set for over both HTTP and HTTPS.
*Always* check the changelogs BEFORE updating that important software!
-
Top
FranL
Senior Member
Posts: 84
Joined: Sun Dec 03, 2017 4:17 pm

Re: Why are HTTPS sites red instead of black?

Post by FranL »

I toggled the domain to UNTRUSTED, reloaded the page, then set it back to TRUSTED, and reloaded again — it looks correct now:

Image

NoScript also seems to default to the green lock on TRUSTED domains accessed via HTTPS, which is nice. Thanks, barbaz.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Top
darby
Posts: 5
Joined: Mon Dec 11, 2017 10:13 am

Re: Why are HTTPS sites red instead of black?

Post by darby »

Been toggling the sites having this issue as well. Works most of the time.
Mozilla/5.0 (Windows NT 10.0; rv:57.0) Gecko/20100101 Firefox/57.0
Top
Post Reply

Return to “NoScript Support”