Not working for me, Diigo on an iPad 3
You can disable the default blocking of mixed HTTP and HTTPS content in Firefox by typing about:config in the address bar:
To permanently disable for all websites:
1. In the address bar, type “about:config” and press Enter.
2. Click the “I’ll be careful, I promise!” button.
3. In the search field, type “block_active”.
4. Set the value for the one search result (“security.mixed_content.block_active_content”) to “false”.
I won’t be doing this myself though as it might be fine for EuroGA but not for every website.
Many thanks for that… I just knew it was really obvious
Incidentally I wonder what the real danger is in blocking mixed content. The danger which a website poses is that it can serve you something dodgy. But HTTPS gives you no protection from that. If you want to build a website which serves malware, you just buy a certificate! You can even get a free HTTPS certificate from e.g. Start SSL. These certificate vendors are supposed to verify your identity but, ahem, shall we say, hmmmm… and how would I possibly know this?…. they don’t! Anybody can knock up an HTTPS website.
The setting is not shown in the preferences menu for a reason. A dodgy website serving malicious content from a HTTPS server is of course no safer than a HTTP server doing the same. But what isn’t always obvious is that most websites serve data loaded from many hosts to display a single webpage. One webpage could could consist of calls to five adservers, to analytical tracking servers and the server that delivers the actual content displayed on the webpage. There can be literally dozens of servers used to display one page on a large popular website.
The basic idea in not allowing mixed content is that unsafe HTTP code could be used to change the HTTPS code which would render HTTPS security useless.
The basic Mozilla explanation of mixed content can be found here.