Hi anon,
thank YOU for documenting your exploration!
I'm still using FF 3.0, because I jump on new versions never directly at the beginning of the publication, but always only if they worked satisfactorily. With FF that is regular the case, if the previous version is not any longer supported.
anon090526 wrote:Looking at
Tools > Page Info > Media I also see a third http url.
The first above is the small SG logo of a kid eating near the facebook link.
The second is a vertical strip of small icons, several of which look like the "become a fan" icon near the facebook link.
The third is a small stylized 'f' graphic icon that I don't see in the page, but I associate with facebook.
If I follow this, I see only two media:
The spam eating kid without any association to facebook
?
https://www.spamgourmet.com/stuff/gourmet.pngThe vertical flag row for choosing the sites language
?
https://www.spamgourmet.com/stuff/flagmap.pngThat may result in using NoScript, a FF add-on, where I blocked ALL facebook (and similar) images, because I do not trust them and do not need them. Equal as I block advertisements ...
You can also use AdBlockPlus as a FF add-on, to block page components explicitely.
The secure SG login, you mentioned (
https://www.spamgourmet.com/index.pl?languageCode=EN) has an unencrypted Facebook script:
http://static.ak.facebook.com/js/api_li ... .php/en_USYou can block that script (wildcards are allowed). I think, that could help.
I need not to block this script, because I'm blocking Facebook over NoScript at all.
you wrote:Jumping to conclusions as usual, I think maybe adding the facebook links to this page broke it in the sense that Firefox considers it to be partially unencrypted and worth warning about.
That is truely possible. I don't want to figure it out.
you wrote:I'm guessing Safari is just less careful about this, not a big surprise.
Safari is not a secure browser, indeed.
you wrote:Assuming I'm right, I would expect SG administration to be in favor of web standards, secure computing, and truth, justice, etc. You do offer a secure login, go to the trouble of buying a certificate, and this page used to be Firefox-clean. Perhaps you can look at how the facebook link was added, or just remove it from the secure login page?
The problem may be the facebook link. It is state of the art, to present facebook (and similar) links on public pages. I think, SG will not change their opinion.
But you can help yourself, blocking unsecure and unnecessary elements.
That is even the better way to keep your systems clean.
you wrote:Now that I think of it, I wouldn't have expected a big overlap of facebook and SG users.
That can nobody know. I think SG users are not high profession secure net users at all. I think the whole spectrum of net users is also represented as SG users. Also users of social networking ...
Regards,
K-E