Fix: Firefox 125 and Later Block Downloads from HTTP Websites
If you upgraded or installed the latest Mozilla Firefox 125.0 or later version and you are facing issues in downloading files from HTTP (non-HTTPS) websites, this article will help you in fixing the issue and stopping Firefox from automatically blocking your downloads.
Table of Contents
Problem Symptom: Firefox No Longer Allows HTTP Downloads
A few readers contacted me regarding this issue present in recently released Firefox 125.0.1 and later versions. Whenever they try to download a file such as ZIP, EXE, etc from an insecure website (HTTP only), Firefox automatically blocks the download and displays a warning message to the user.
The built-in download manager in Firefox prevents the download and displays “File not downloaded: Potential security risk” error message with a red exclamation mark icon inside the download flyout.
Advertisement
When the user clicks on the blocked download file inside the download manager flyout, Firefox displays following warning message:
File not downloaded: Potential security risk.
You are trying to download this file on a connection that’s not secure. If you continue, the file might be changed, used to steal your info or harm your device.
You can search for an alternate download source or try again later.
PS: Different warning messages are displayed under different circumstances.
Advertisement
The error message contains 2 buttons: Remove file and Allow download. Users can click on the “Allow download” button to download the file. If the user is not sure about the download, clicking on the “Remove file” button will delete the file from user’s device to keep the device safe and secure.
Problem Reason: Firefox 125 and Later Versions Come with New Proactive Blocking Feature
Firefox 125.0 and later versions come with a new security feature which restricts or prevents users from downloading files from insecure HTTP websites. The official changelog of Firefox 125.0.1 version contains information about this feature as mentioned below:
Firefox now more proactively blocks downloads from URLs that are considered to be potentially untrustworthy.
Related: Check out our exclusive Firefox Versions Changelog article
So if a website is using an insecure HTTP connection and the user tries to download a file from this website, Firefox now automatically blocks the file and displays above mentioned warning message.
This feature has been implemented to improve security inside the web browser as HTTP websites are considered unsafe as they use insecure connection. On the other hand, HTTPS websites use secure HTTPS connection which is encrypted and secured and doesn’t cause security risks.
This security feature was already introduced in Firefox 93.0 version and we posted a dedicated article about this feature at following link:
[Fix] File Not Downloaded: Potential Security Risk Error Message in Firefox
Now the feature is rolling out with enhanced error messages and functionality to all Firefox users starting with version 125.0.
Problem Solution: Disable New Insecure Downloads Blocking Feature in Firefox
If you regularly download files from a few insecure HTTP websites and you trust those websites, you can disable or turn off the new security feature in Firefox to stop the web browser from automatically blocking the downloads.
Following steps will help you in disabling the new feature in Firefox and forcing Firefox to allow downloads from insecure HTTP websites:
STEP 1: Open Mozilla Firefox and type about:config in the address bar and press Enter. It’ll show you a warning message, click on “Accept the Risk and Continue” button. It’ll open Firefox’s hidden secret advanced configuration page i.e. about:config page.
STEP 2: Now type download_insecure in Search filter box and look for following preference in the window:
dom.block_download_insecure
The preference value is set to true by default, which means Firefox is set to block downloads from insecure HTTP websites.
STEP 3: To remove the block and allow downloads over insecure HTTP connection, double-click on the preference and set its value to false. Alternatively, you can click on the Toggle icon given next to the preference name.
That’s it. It’ll immediately disable the new security feature and Firefox will always allow you to download files from insecure websites.
PS: In future, if you decide to restore the new security behavior and allow Firefox to block insecure downloads again, set the above mentioned preference/flag to true.
IMPORTANT TIP: Disable HTTPS-Only Mode in Mozilla Firefox
If you are using HTTPS-only mode in Firefox, you might also need to disable it otherwise it’ll block the downloads from HTTP websites. Following article will help you in turning on/off HTTPS-only mode in Firefox web browser:
[Tip] How to Enable or Disable HTTPS-Only Mode in Mozilla Firefox
If you don’t want to disable HTTPS-only mode in your web browser, you can add your desired HTTP website as exception using the “Manage exceptions” button given on HTTPS-only mode settings page.
Also Check:
[Tip] How to Always Show “Downloads” Button in Mozilla Firefox Toolbar
[Tip] Force Firefox to Start Downloads in Temp Folder Again
[Fix] HTTPS Errors and Warning Messages on Secure Websites in Mozilla Firefox
Comments
NOTE: Older comments have been removed to reduce database overhead. Be the first one to start the discussion.