Skip to main content

Firefox is ready to protect against potentially dangerous downloads

Firefox logo on colorful background
(Image credit: Mozilla)

The internet is undeniably a dangerous place – at least potentially – and all of the mainstream browsers have been gradually upping their games in recent months to offers increasing levels of protection. 

While there has been a general, steady move towards HTTPS, this is certainly not the case across the board.

One of the problems that web users encounter is visiting an HTTPS site and downloading a file, only to discover that the transfers is from an insecure server – so-called "mixed content". This is something that future versions of Firefox will protect against.

Mozilla says the upcoming Firefox 92 will block downloads that are delivered over an insecure connection. The content of the download is not analysed, the mere fact that an insecure connection is being used as the method of delivery is enough to cause concern.

If you attempt to download a file that does not meet Firefox's security standards, you'll be greeted by a message informing you: "File not downloaded. Potential security risk. The file uses an insecure connection. It may be corrupted or tampered with during the download process. You can search for an alternate download source or try again later.

Keep it secure

While this feature is currently only visible in the unreleased Firefox 92, it is looking as though Mozilla is going to have it enabled by default. Clearly the idea is to improve security to all users, and this is to be welcomed, but choice is always welcome. As such, it is possible to disable the security feature if you have a particular need for this, although it is not an obvious setting in order to discourage casual disabling.

Should you want or need to lower your security settings for some reason, you can use the following steps:

  1. Launch Firefox and visit about:config
  2. Click Accept the Risk and Continue if a warning message appears
  3. Search for block_download_insecure
  4. Double click the value to toggle the setting to False to disable the protective feature

If you're interested in trying out the latest features of Firefox, the most recent beta version is available to download here.


Analysis: copying security features benefits everyone

Web browsers are often "inspired" by each other, borrowing features left, right and center. There is one school of thought that suggests that this could ultimately lead to such a level of homogeneity that it really won’t matter which browser you choose to use. It's hard to say whether this is true or not, but there's one area in which copying features is to be welcomed: security.

The problem with mixed content is that site visitors can be lulled into a false sense of security. People have become used to checking that a site is secure, looking out for security certificates and signs of using HTTPS, but this is more difficult to when it comes to downloads. While there will always be those who decry software offering hand-holding of any sort, it is clearly beneficial when it comes to security.

The plagiarism of features may be something that users and developers tend to frown on, but when it is in the name of the making the internet a safer place to be, it's hard to argue against it too much.

Via Techdows

Sofia Wyciślik-Wilson

Sofia is a tech journalist who's been writing about software, hardware and the web for nearly 20 years – but still looks as youthful as ever! After years writing for magazines, life moved online and remains fuelled by technology, music and nature.


Having written for websites and magazine since 2000, producing a wide range of reviews, guides, tutorials, brochures, newsletters and more, Sofia continues to write for diverse audiences, from computing newbies to advanced users and business clients. Always willing to try something new, sharing new discoveries is a major passion.


Sofia lives and breathes Windows, Android, iOS, macOS and just about anything with a power button, but particular areas of interest include security, tweaking and privacy.