forcing HTTPS and mixed content blocking
Posted: Tue May 24, 2016 9:25 am
I have set security.mixed_content.block_display_content=true in about:config and want to force HTTPS beeing used for www.avg.info by adding ".avg.info" to the list in NoScript. This works fine for the page itself, but requests to both display content and active content (which is blocked by default if it's mixed content) on the same domain don't get forced to HTTPS, and are therefore blocked. I believe this has worked a few months ago though.