User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Build ID: 20150620063927 Steps to reproduce: Went to some website and downloaded some potentially shade .exe (or .msi, .dmg, .rpm, .deb) file over HTTP or FTP. Actual results: It just let me download it without warning. Expected results: Firefox should have warned me or displayed a notice that I was downloading a executable binary over a non-secure source (HTTP instead of HTTPS). Else the user could get infected by malware using a fake DNS attack, such as when on an open Wi-Fi network.
Also display a notice in the Firefox Developer Console so that the developer is informed and aware that the visitors of his website can get infected by malware when they download software from his website and that he should use HTTPS/FTPS instead of HTTP/FTP.