Firefox to Require Secure Contexts

Firefox to Require Secure Contexts

Firefox to Require Secure Contexts

No Comments on Firefox to Require Secure Contexts

Recent news from Mozilla confirms that Firefox is taking Google’s security requirements even further.

Anne van Kesteren for Mozilla says:
“Effective immediately, all new features that are web-exposed are to be restricted to secure contexts. Web-exposed means that the feature is observable from a web page or server, whether through JavaScript, CSS, HTTP, media formats, etc. A feature can be anything from an extension of an existing IDL-defined object, a new CSS property, a new HTTP response header, to bigger features such as WebVR. In contrast, a new CSS color keyword would likely not be restricted to secure contexts.”

This means that new features as they are released in the browser will not be available to websites that are not secured with an SSL certificate and using HTTPS. This is a huge step forcing secure connections between a visitor’s computer or device and the servers that are delivering the web page.

Bigger implications affect older websites, hosting providers and computers that do not support the latest security requirements. Some older Linux and Windows servers managed by hosts like Godaddy and cheaper or smaller hosting companies have a tendency to not update their operating systems. These hosts are the home to millions of websites that have no security or where the owners haven’t understood the changes that are coming and how they will be impacted.

Last year we heard that Google was going to give preference to secure sites in search results, and in Chrome they’ve been maintaining a list of qualified certificate authorities (the companies that sell the SSL certificates) and editing the list based on who they think is reputable. Over the last year many people who had purchased cheaper certificates found that their sites could not be accessed in Chrome and would not show up in search results.

This larger and bolder step by Mozilla Firefox requires that websites be secured to avoid feature gaps as WordPress or plugins and other server technologies are updates. It requires website owners to pay attention and start maintaining their sites if they want to compete on the web and remain relevant.

Securing a website is more than just installing an SSL certificate, you must review all of the links and assets on the site to make sure entire pages are coded securely. For a page to load securely there must be no insecure HTTP links, images or other assets referred to in the code. This changes the way a lot of older sites may work, because they have to evaluate all of their content and links.

Mozilla’s announcement takes effect immediately and users browsers will likely be updated with this change in the next few days as Firefox regularly installs updates for maintenance and security features.

With other recent changes we’ve been writing about including Google’s Voice Search vs SEO, and Google’s Mobile First agenda, it’s a great time to re-evaluate your web presence with a professional team of SEO and Web Designers and outline your web strategy going forward.

About the author:

Justin Soenke is a trend-based serial entrepreneur and thought leader in the areas of cyber-security, web design, SEO, social media, eCommerce and managed IT. Justin has overseen the creation and success of over a dozen companies in the technology, security and media sectors, and is the contributing source for his SB Design Blog, SB Tech Blog and SB SEO Blog among regular contributions to many outside blogs and websites, all for our clients.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow & like us :)

Subscribe to Emails

Our Address

Mailing Address
Phase 3 Enterprises, Inc.
PO Box 369
Santa Barbara, CA 93116

Call Us Today!

Contact our team of professionals — your single point of service for all your IT, Web design and SEO needs.

Phone Support Hours
Mon - Fri: 8am to 5pm
tel 805.964.3235
fax 805.715.8107