Learn how Microsoft Edge handles mixed content downloads

This article defines mixed content downloads and explains how Microsoft Edge handles them.

What are mixed content downloads?

A mixed content download happens when you start a download from an HTML page that was loaded over a secure HTTPS connection, but one of the following conditions exists:

  • One or more of the download location's redirects was loaded over an insecure HTTP connection.
  • The final download location was loaded over an insecure HTTP connection.

Either of the preceding scenarios is a mixed content download because the download was requested from a page loaded over secure HTTPS, but both HTTP and HTTPS connections are used to reach the final destination. Modern browsers display warnings about this type of content to indicate that the download may be transferred insecurely even though the original page was accessed securely.
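A site owner can check their own download links against the two conditions above. The following is an added example, not code from Microsoft Edge or from the original page: it walks a recorded redirect chain and reports which condition, if any, makes the download mixed content. The function names, the response map, and the example.com / example.net URLs are all constructed for illustration.

```javascript
// Constructed sample data: each URL maps to the response a server would send.
// All hosts are placeholders (example.com / example.net), not real endpoints.
const SAMPLE_RESPONSES = {
  'https://example.com/get/setup.exe': { status: 302, location: 'http://mirror.example.net/setup.exe' },
  'http://mirror.example.net/setup.exe': { status: 200 },
  'https://example.com/get/tool.zip': { status: 301, location: '/files/tool.zip' },
  'https://example.com/files/tool.zip': { status: 200 },
  'https://example.com/get/legacy.msi': { status: 302, location: 'http://cdn.example.net/legacy.msi' },
  'http://cdn.example.net/legacy.msi': { status: 302, location: 'https://cdn.example.net/legacy.msi' },
  'https://cdn.example.net/legacy.msi': { status: 200 },
};

const REDIRECT_CODES = new Set([301, 302, 303, 307, 308]);

// Walk the redirect chain for a download link using the supplied response map
// and return every URL visited, in order. Throws on loops or missing entries.
function resolveChain(startUrl, responses, maxHops = 10) {
  const chain = [];
  const seen = new Set();
  let current = new URL(startUrl).href;
  while (chain.length <= maxHops) {
    if (seen.has(current)) throw new Error(`redirect loop at ${current}`);
    seen.add(current);
    chain.push(current);
    const res = responses[current];
    if (!res) throw new Error(`no recorded response for ${current}`);
    if (!REDIRECT_CODES.has(res.status) || !res.location) return chain;
    // Location may be relative; resolve it against the current URL.
    current = new URL(res.location, current).href;
  }
  throw new Error('too many redirects');
}

// Classify a download started from pageUrl using the two conditions above:
// an insecure final location, or an insecure hop somewhere in the redirects.
function auditDownload(pageUrl, downloadUrl, responses) {
  const chain = resolveChain(downloadUrl, responses);
  const insecureHops = chain.filter((u) => new URL(u).protocol === 'http:');
  const secureInitiator = new URL(pageUrl).protocol === 'https:';
  const finalInsecure = new URL(chain[chain.length - 1]).protocol === 'http:';
  let reason = null;
  if (secureInitiator && finalInsecure) reason = 'final-location-insecure';
  else if (secureInitiator && insecureHops.length > 0) reason = 'redirect-insecure';
  return { mixed: reason !== null, reason, insecureHops, chain };
}
```

The third sample link shows the less obvious case: the final location is HTTPS, but one intermediate redirect is HTTP, so the download still counts as mixed content.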

Download warnings and user options

The download warning ensures that users know that the file they're downloading could be read by malicious attackers on their network. This warning lets a user make an informed decision on whether to download the file.

In Microsoft Edge, mixed content downloads are blocked, but users can override the block and download the file if they want to. Microsoft Edge plans to start blocking mixed content executable file downloads with Microsoft Edge version 85 and will block different file types in future releases.

Note

Deployment of this feature is subject to change based on release schedule and user feedback.

In the download shelf, the block warning message looks like the example in the next screenshot.

[Screenshot: Mixed content warning in download tray]

On the download page, the block warning looks like the following screenshot example:

[Screenshot: Mixed content override prompt]

If a user decides to keep the download, they are prompted to confirm their action. The next screenshot shows an example of this confirmation prompt.

[Screenshot: Choose Internet Explorer mode]

Supporting policies

Enterprises that want to exclude mixed content blocking from specific websites can use the InsecureContentAllowedForUrls policy to do so.

Content license

Note

Portions of this page are modifications based on work created and shared by Chromium.org and used according to terms described in the Creative Commons Attribution 4.0 International License. The original page can be found here.

This work is licensed under a Creative Commons Attribution 4.0 International License.
