Announcement

From:Adam Marshall
Date:29-Aug-2013 17:00
Subject:Recent versions of Chrome, Firefox and Internet Explorer now block non-secure content from WebLearn

A recent change to the behaviour of the major web browsers may have a significant impact on WebLearn users. Firefox v23 (and higher), Chrome 30 (and higher) and Internet Explorer 9 (and higher) will now block Mixed Active Content by default. This means that the above mentioned browsers will fail to display non-secure (http) content within the WebLearn frameset - this may seem annoying but actually makes WebLearn more secure.

It is possible that users will report WebLearn pages as being 'broken' and unfortunately, if those pages do contain non-secure content, it may be necessary for WebLearn pages to be updated by their owners. This could be a fairly sizable task and ideally needs to be done before the start of term

The benefit to carrying out this work will be in making your WebLearn areas more secure because they will be much less susceptible to potentially malicious attacks. (Such attacks can occur when an non-secure piece of content (e.g. web page, embedded video or iframe) becomes compromised and is used to launch JavaScript which can steal session cookies or other sensitive data from the surrounding web page.)  

Please read this blog post which explains the actions that need to be taken: Blog post: http://wp.me/p1K8WQ-JX or http://blogs.it.ox.ac.uk/adamweblearn/2013/08/firefox-now-blocks-non-secure-content-from-weblearn-weblearn-pages-may-need-to-be-edited/

We are happy to help. Any queries should be addressed to weblearn@it.ox.ac.uk. We would like to apologise for not knowing that change this was coming, and realise that this may cause you additional work.