• maniel
    link
    fedilink
    arrow-up
    24
    ·
    8 months ago

    Another security feature added is the blocking of downloading files from URLs that are on lists of potentially dangerous content.

    Yeah, I’m not sure blocking HTTP downloads by default is a good idea, I mean many offices probably have some internal legacy HTTP only sites that nobody dares to touch, that are perfectly safe being HTTP (if you have hackers inside your network a simple intranet site spoofing is your least problem), and disabling this security option might have a lot of wider repercussions

    • emptiestplace
      link
      fedilink
      arrow-up
      15
      arrow-down
      2
      ·
      8 months ago

      I get it, but you’re arguing in favour of negligent IT. If nobody dares to touch something, it is a liability.

    • noobnarski@feddit.de
      link
      fedilink
      arrow-up
      5
      ·
      8 months ago

      Edge has started doing that too, whenever I download something from my Home Assistant instance while at home I have to rightclick and say that I really want to download it.

      As long as such an option is available its not too bad.

      • maniel
        link
        fedilink
        arrow-up
        4
        ·
        8 months ago

        It’s not just about that, people will be disabling the feature that is potentially beneficial to their security, disabling http downloads from http sites is just an extension of blocking http downloads from https sites