On 28/01/2015 22:29, Alberto Salvia Novella wrote: > Damir B: >> I'd still report just this aspect on Launchpad > > Done at > <https://bugs.launchpad.net/adobe-flash-plugin-tools/+bug/1415620>. > > If this bug affects you, please confirm at > <https://bugs.launchpad.net/adobe-flash-plugin-tools/+bug/1415620/+affectsmetoo>. > > > Damir B: > > If you guys weren't following the latest development of Firefox, they > > actually released a new "Insecure Content" feature that is enabled by > > default (shipped with version 35). Basically, if I access the Adobe > > Flash online settings page with it enabled, I just get a white page > > with a bunch of text. If I disable it, the page then works perfectly > > as it has before, so there is now an additional step required to get > > the page working and I am now wondering if that is where you guys are > > fumbling.... > > You can omit this step just by going to > <http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html>. > > > Thank you. > > > > Hi Alberto & Damir B,
This works: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html#118539 This doesn't: https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html#118539 (as reported but note https not http) This works: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html The reason this is not working is due to: Blocked loading mixed active content "http://wwwimages.adobe.com/www.adobe.com/lib/com.adobe/_all.js"[Learn More] settings_manager02.html Blocked loading mixed active content "http://wwwimages.adobe.com/www.adobe.com/lib/com.adobe/template/screen.css"[Learn More] settings_manager02.html Blocked loading mixed active content "http://wwwimages.adobe.com/www.adobe.com/lib/com.adobe/template/print.css"[Learn More] settings_manager02.html Blocked loading mixed active content "http://wwwimages.adobe.com/www.adobe.com/lib/com.adobe/template/fixH1Size.js"[Learn More] settings_manager02.html Blocked loading mixed active content "http://wwwimages.adobe.com/www.adobe.com/lib/com.adobe/module/SearchBuddy.js"[Learn More] settings_manager02.html TypeError: document.observe is not a function settings_manager02.html:29 ReferenceError: adobe is not defined settings_manager02.html:34 Blocked loading mixed active content "http://wwwimages.adobe.com/www.adobe.com/ubi/globalnav/_all/gnav.js?locale=en_US"[Learn More] settings_manager02.html Blocked loading mixed active content "http://wwwimages.adobe.com/www.adobe.com/ubi/globalnav/_all/reimagined.js"[Learn More] settings_manager02.html Blocked loading mixed active content "http://wwwimages.adobe.com/www.adobe.com/ubi/globalnav/_all/ims.js"[Learn More] settings_manager02.html ReferenceError: SWFObject is not defined [Learn More] points to: https://developer.mozilla.org/en-US/docs/Security/MixedContent This is actually needs to be fixed on Adobe's side, perhaps using protocol relative urls[1] i.e. //wwwimages.adobe.com/www.adobe.com/lib/com.adobe/_all.js or all assets should be loaded from either https:// or http://. This will fix loading of assets and javascript TypeError and ReferenceErrors when accessing the page on https://. As you can see on the last line above, a javascript file can not be loaded on line 651 in the page[2] and effectively prevents a new flash object to be created: var swfo = new SWFObject( props ); which in this case is the privacy settings panel. This would also explain why there is no styling on the page as well due to css style sheets also being loaded at http:// instead of the https:// address. Tested with: Ubuntu Gnome 14.10 Flash Plugin: 11.2.202.440ubuntu0.14.10.1 Firefox: 35.0.1 Ubuntu Gnome 15.04 Flash Plugin: 11.2.202.440ubuntu1 Firefox: 34.0 In summary, Firefox is doing the right thing and that is to ensure the page you are visiting has all assets and resources loaded on https:// while blocking http:// when on https://. Otherwise, the page really isn't secure if it has mixed content loading. Secondly, this is not a problem with the flashplugin-installer package. Finally, if you clear the browser cache on 12.04, you will most likely encounter the same problem due to content already being cached in the browser and Adobe making the page available later on https during 12.04 to 15.04. Unfortunately, I can not confirm if the secure address was introduced during 12.04 to 15.04 and I don't have 12.04 installed at the moment to confirm if browser cache is making the page work, but it seems likely. File a bug report with Adobe and use either http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html#118539 or http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html until the above is fixed. [1] http://www.paulirish.com/2010/the-protocol-relative-url/ [2] Use "Inspect Element" tool and switch to "Console" tab while on https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html#118539 -- All the best, Bruce FSF Member 10674 / The FSF is a charity with a worldwide mission to advance software freedom / Join the Free Software Foundation: http://www.fsf.org/register_form?referrer=10674 -- Ubuntu-quality mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality
