Support for `registerProtocolHandler()` on insecure sites has been deprecated

Published: February 11, 2018 | Categories: HTML, Privacy & Security

Description

As part of the ongoing insecure HTTP deprecation, Firefox 60 Nightly will no longer allow non-HTTPS sites to use the navigator.registerProtocolHandler method to register itself as a protocol handler, e.g. mailto for a webmail service. Given the low usage rate of the functionality, Firefox 62 will make the change on all the channels according to the current plan.

Update: As planned, all the channels impose the restriction as of Firefox 62.

References

Bug 1429732 - Consider making registerProtocolHandler require SecureContext
Intent to Unship: registerProtocolHandler() over insecure contexts