Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Verizon Webmail website no longer makes a secure connection since mid-June

Ever since approximately the mid-June Apple Java update the Verizon Webmail website will not make a secure connection unless I agree to send my password unencrypted. I can get it to work only if I delete the verizon.net cookies. This is true under Safari 5.1.9 and Firefox 21.


Does anyone have any idea how to fix this? A week ago Verizon tech support said there's nothing wrong on their end.

MacBook Pro, Mac OS X (10.6.8)

Posted on Jul 9, 2013 12:31 PM

Reply
8 replies

Jul 10, 2013 7:35 AM in response to WZZZ

Yes, I allow all cookies.


I tried it with FF 22. As before it works the first time perhaps because there is no verizon.net cookie.

When I navigated away from the page and then back I got the usual pop-up with a big question mark to the left:


Security Warning

Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.



Are you sure you want to continue sending this information?

Jul 10, 2013 9:37 AM in response to gwgoldb

I may be going a bit off topic with this, but I don't get those warnings any longer and I'm seeing they've been disabled relatively recently in Firefox. So don't know why you're seeing that one. Even though all my settings in about:config for security.warn are at True, I'm apparently not getting any of those. I may have to check further about that, though.


https://bugzilla.mozilla.org/show_bug.cgi?id=799009


This patch removes the following prompts:


1. Warning, you are about to enter a secure site

2. Warning, you are about to leave a secure site

3. Warning, you are about to submit a form to an insecure site, when you are already on an insecure site.

4. Warning, you are viewing a site with mixed content.

And further on


We already show the mixed content indicator in the address bar: globe vs. lock icon.

Also,

Support for those warning prefs has been removed.


bug 799009 - Remove support for obsolete SSL-related warning prompts


(please do not comment in bug reports: https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)


Warning, you are about to enter a secure site

Warning, you are about to leave a secure site

Warning, you are about to submit a form to an insecure site, when you are already on an insecure site.

Warning, you are viewing a site with mixed content.

http://support.mozilla.org/en-US/questions/953321


So unless I'm reading the Buzilla Bug report wrong, I don't understand why you're getting that warning. It seems they are suggesting relying on the lock icon, not the popup, to be certain you're on a fully encyrpted connection.


The Verizon webmail link I gave above is https, but comes with this message.


User uploaded file


Then, upon submitting the user and password, it switches to this. So I'm assuming that data is fully encrypted, not sent in the clear.


User uploaded file


That only lasts a second or two, and when login is complete it immediately switches back to the first partially encrypted globe icon.


I think you should look for the actual globe vs. lock icons at the different stages of logging in, as I have. It may be the popup you're getting for mixed security content refers to the post login session, not the actually transmission of the password.


In any case, I'm not getting that popup.

Jul 10, 2013 9:54 AM in response to WZZZ

OK just found this


Firefox 19 seems to have dropped the warnings about insecure HTTP(S) contents, i.e. warn about submitting form data over HTTP (no S!), mixed secure and insecure contents, leaving a HTTPS page and so on. How can I get these warnings back? Or are there now different warning mechanisms (e.g. showing an insecure form submission in adance, that means at the time of filling it in)?


Further down that page:

firefox will now allow you to block active mixed content though - enter about:config into the firefox location bar (confirm the info message in case it shows up) & search for the preference named security.mixed_content.block_active_content. double-click it and change its value to true.

http://support.mozilla.org/en-US/questions/954070


I just changed that value to true, and I'm still not getting the mixed security popup at any point in the sequence of logging in to Verizon web mail. In about:config


Perhaps you want to check how you have that set in about:config. This is mine, now changed from false to true.


User uploaded file

Jul 10, 2013 12:10 PM in response to WZZZ

I almost always used Safari to access Verizon Webmail. I get a slightly different message from Safari:


This is a non-secure form.

This form will be sent in a way that is not secure. Are you sure you want to send it?


What Firefox does is of no interest to me unless it works there and not in Safari, thus indicating a browser-specific problem.

Verizon Webmail website no longer makes a secure connection since mid-June

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.