• Protip: Profile posts are public! Use Conversations to message other members privately. Everyone can see the content of a profile post.

Firefox displaying NSXprime as text only ("Connection not secure")

Joined
17 January 2007
Messages
998
Location
Adelaide, South Australia
I've been using Firefox browser for many years. Recently both of my computers display NSXprime as text only (see example in attachment). When I click the yellow exclamation mark preceding site URL address it tells me "Connection not secure. Parts of this page are not secure (such as images)". The is an option to "Disable Protection for now" but this only works one page at a time, so I have to disable protection for each new page! .... it's taken me ages just posting this question ...

This does not occur with any other sites so my guess is there's something amiss with NSXprime, unless I'm the only one experiencing this issue?
Any suggestions?

TIA
 

Attachments

  • NSXprime text only.JPG
    NSXprime text only.JPG
    98 KB · Views: 146
Last edited:
This has happened before to me. As recommended by Lud, try clearing your browser history. That fixed it for me.
 
I had the same problems on my home pc but not at work and I just clicked on the forum and the rest of prime was ok....now after some months it has sorted itself out....funny thing is for about 3 weeks on my home pc I could not post a reply to threads when I clicked reply the reply box was not active,,,,but that too has resolved itself.
 
Well thanks, but ...
I tried deleting history but still no go.
Curiously I don't get this problem if I use Chrome instead of Firefox (as I am now).
But I'm a Mozilla fan so swapping permanently is not an option.

I think the issue is related to "Mixed content" detected by the new "Tracking Protection" feature recently introduced by Mozilla.
FYI I've attached a couple of images showing the Tracking Protection pop-ups with "Connection is not secure" warnings.
(I did try to exempt NSXprime in Firefox but no luck again)

Still looking for suggestions here, and meanwhile I'll log a call with Mozilla ...

Tracking protection issue 1.jpg

Tracking protection issue 2.jpg
 
Last edited:
The site supports "flexible" SSL which used to be a reasonable compromise for user-generated content sites, but browsers are getting stricter.

You can avoid the problem you're seeing by simply going to http://www.nsxprime.com/forum instead of https. Then it should just display the broken lock icon in the address bar to alert you the site is not secure, but everything should render correctly. I just verified this using Firefox 59.0.2, so if you get a different result check your plugins, etc. for anything that might be forcing it to go to https.

Forcing it is a problem for legacy content on user-generated content sites because if SSL is enforced then any page/thread with content anyone ever linked from a non-https source will break the page rendering exactly as you are seeing due to mixed secure and non-secure content sources, and people can't easily work around it. I could run a database search and replace to change every instance of http to https in every post ever made, but that will probably break a lot of links too as not all hosts support it. I may try to build a query to dump all the unique domain names ever linked and do a little testing to see how many things would break if I do that because as more and more sites support it, the impact is getting smaller. If it's not going to break a lot of old links anymore I could force SSL on the whole site without issue, which is really the ideal solution anyway.

I could also disable SSL support entirely, which would force everything over http and thus wouldn't generate mixed content problems. That would be the easiest option but it isn't a great solution looking forward.
 
OK thanks for the detailed explanation. Changing the URL from https::// to http:// still doesn't work for me in Firefox (I'm using Chrome to add this reply). But I'm getting good support from Mozilla so I'll share this explanation with them, and report back here with anything useful.

BTW the whole NSX prime site was unusually down (completely inaccessible) for most of yesterday and into the night (Aussie time). This made it a little tricky for Mozilla support staff trying to help me! I assume you are already aware of this?
 
FWIW the cause was the "DuckDuckGo Privacy Extensions" an Add-on to Firefox, and the workaround / solution is simply to disable this extension.

Easy once discovered, but is sure took plenty of inputs from Mozilla Support staff to resolve it :(
 
Back
Top