Mozilla has made a change towards marking HTTP sites as insecure in Firefox 70 by removing “‘i” icon in the address bar, it now displays a crossed lock icon for an HTTP page in the URL bar, the change is already landed and can be seen in the latest Nightly version.
We expected this coming, both Mozilla and Google want to improve HTTPS adoption on the web, former contributes to that by offering free SSL/TLS certificates through Let’s Encrypt for websites to migrate to HTTPS from HTTP. Latter on the other hand has started showing “Not secure” text for HTTP site along with “i” icon in the address bar in Chrome browser, from version 68 onwards.
Mozilla has to make few adjustments for this. In the current Firefox 68 version, the browser shows insecure site information for a non-HTTPS site to the user through ” i” icon, the same icon also displays content blocking and permission information along with “connection is not secure” message when you click.
Now in Firefox 70, the ” i” icon has been removed, a new shield icon will be displayed consistently for tracking protection information and the Lock icon will display site connection info as well as Permissions details.
Mozilla promises to come up with a blog post on explaining changes to Security UI in version 70 and the concept behind it. As most of the sites on the web already moved HTTPS, this change may not be a big deal to you as an end-user but for a website owner, it is, what you say?
Related articles:
Firefox 52: Contextual Warning for Insecure Login Field
Firefox 51: Mozilla turns on Insecure Password Warning
Shield Icon on Chrome’s Omnibox Shows “ This Page has insecure content”