How to block insecure images on HTTPS pages in Chromium on Linux?

3

I'm trying to figure out a way to stop Chromium from loading insecure (i.e. non-HTTPS) images on pages served over HTTPS (i.e. basically the exact opposite of this question).

Alas, all the instructions I could find say something like this:

  1. Open the settings page (by selecting "Settings" from the hamburger menu, or by typing chrome://settings/ into the address bar).
  2. Select "Show advanced settings..." at the bottom of the page.
  3. Change the mixed content settings under "HTTPS/SSL" to "Block all insecure content".

Unfortunately, I'm getting stuck at step 3, since all I have under the "HTTPS/SSL" heading is a button that says "Manage certificates...". And yes, all it does is bring up a dialog for, well, managing SSL certificates.

Screenshot

I'm using Chromium 41.0.2272.76 on XUbuntu Linux 14.04.

Is there any way for me to access these settings (and do they even exist any more)?

Ilmari Karonen

Posted 2015-05-07T20:21:40.357

Reputation: 1 509

Answers

4

You can start Chromium with the --no-displaying-insecure-content command-line option. Visit SSL Labs with and without this switch, and check the last result on the page "Mixed Content Handling", especially the Images result, which should change.

To persist this in configuration in preferences, locate your Preferences JSON file, ~/.config/chromium/Default/Preferences for Chromium, ~/.config/google-chrome/Default/Preferences for Chrome, and look for the webkit -> webprefs keys, which might be absent, or might be near the end of the file. Either add a new key for "allow_displaying_insecure_content": false:

},
"webkit": {
    "webprefs": {
        "allow_displaying_insecure_content": false
    }
}

... or add it to the existing block:

"webkit": {
    "webprefs": {
        "allow_displaying_insecure_content": false,
        "default_fixed_font_size": 13,
        "default_font_size": 16
    }
}

I'm not aware of any Settings UI for this setting.

javabrett

Posted 2015-05-07T20:21:40.357

Reputation: 454

1Thank you! Even just the command line option would've been enough, but you went the extra mile by also showing how to make this setting persistent. While I'm a bit sad to learn that there's no UI for this, your answer more than deserves the bounty (and I'll award it as soon as the site lets me). – Ilmari Karonen – 2015-05-15T11:17:11.783

Asked: 2015-05-07T20:21:40.357

Viewed: 633 times

Active: 2015-05-15T11:18:51.260