New Security Settings in Chrome & Firefox Causing Download Issue in LV catalog - Workarounds

January 18th, 2022, 2:18 pm

Yes it's on the to do list.

Meanwhile how are you downloading? zipfile or individual mp3 files? From the LV catalog pages? Can you access the files directly from their archive.org page?

Here are some step by step browser specific directions.

Enabling mixed content in Google Chrome
1. Click the lock icon, at the left side of the address bar, then click Site settings.
2. Scroll to Insecure content, then use the drop-down list to change “Block (default)” to “Allow.”
3. Reload the page.

If you are uncomfortable changing the settings in your browser, you can download from the internet archive page for the book. There is a link on the catalog page to the corresponding Internet Archive page. (Note you are downloading the exact same file either way. The download link on the catalog page is a link to the download for the 64kb zip file on the IA page.) All our files are stored/hosted by IA and linked on the catalog pages. You can also stream the audio from the online player at the top of the archive page for each book. The above changes will only affect downloads from librivox.org. The security settings for other sites will remain as before.

Enabling mixed content in Edge
To fix this for the LibriVox catalog for Microsoft Edge -

Open Edge and navigate to the catalog home page librivox.org
Click the lock icon at the left end of the address bar and choose permissions for this site from the dropdown menu
This will take you to the Settings page - scroll down to the bottom and find the setting for insecure content
Change it from the default (block) to allow
Close the settings page
Refresh the page, and you should then be able to download files as before.

Downloading from librivox.org with Firefox
1. Right-click the download button on the catalog page and select Save Link As. In the window that opens, choose the folder where you want the download to go and click Save.
or
2. Click the download button on the LV catalog page. If an error message comes up that the download could not be saved, because the source file could not be read, click OK to close the download window. On the top right of the menu bar, find the downloads button and click it. Find the failed download in the list of downloads and click the symbol at the right to retry download. The download should proceed.

barleyguy · Post by **barleyguy** » November 30th, 2022, 2:21 pm

I don't believe it was mentioned in this thread anywhere, that in Firefox you can turn this "feature" off completely. To do so, go to the address "about:config" in your address line, and search for "download", then change the property

dom.block_download_insecure to false

This will allow downloads from all http sites without any other steps.

November 30th, 2022, 3:35 pm

I didn't find this option when I posted the options above, but I think most people would probably prefer only turning off that option for specific sites.

barleyguy · Post by **barleyguy** » November 30th, 2022, 3:44 pm

knotyouraveragejo wrote: ↑November 30th, 2022, 3:35 pm I didn't find this option when I posted the options above, but I think most people would probably prefer only turning off that option for specific sites.

To each their own.

But to explain what this "feature" does, it blocks downloads over http rather than https. Theoretically, if you download over http, someone in the middle of the connection could tamper with the file, so what you receive could be different than what was sent.

In 25 years of browsing the internet, I have AFAIK had this happen exactly zero times. So IMO this "feature" is not worth having enabled at all, ever. Just my opinion though. The contributors to Firefox and Chrome evidently feel this is a useful enough thing to have made it the default behavior.