'unencrypted' error – only on Firefox

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author ktbartholomew

    (@ktbartholomew)

    11 years, 10 months ago

    Is this a login at your IdP? The URL the form is posting to might not be on https. Follow/DM me on Twitter if you want and I’ll take a look.

    Thread Starter Ilene Johnson

    (@ilenejohnson)

    11 years, 10 months ago

    I follow u on Twitter, you must follow me so I can DM. I posted to your twitter acct

    Thread Starter Ilene Johnson

    (@ilenejohnson)

    11 years, 10 months ago

    Is there anything I can do in the set up of SAML 2.0 so that this error message doesn’t appear? The WordPress installation is on http: and the authenticating server is on https. The WordPress installation does not need to be on an https.

    Plugin Author ktbartholomew

    (@ktbartholomew)

    11 years, 10 months ago

    You’re seeing this message because the IdP is posting from a form on a secure URL (where the user submits their credentials) to an insecure URL (your site’s assertion consumer). Although the data going to the WordPress site doesn’t contain any passwords, Firefox raises a flag because this kind of behavior could be used to send private information to an insecure party. In Firefox, this behavior cannot be disable, and for good reason: https://support.mozilla.org/en-US/questions/748605

    The easiest fix is to configure your WordPress assertion consumer (or the entire site) to be accessible via HTTPS.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘'unencrypted' error – only on Firefox’ is closed to new replies.

Tags