See https://bugzilla.mozilla.org/show_bug.cgi?id=662692 When a script attempts to open a WebSocket to a non-TLS-protected server ("ws://"), the attempt should fail if the document was delivered over HTTPS. Since there are basically no existing WebSockets servers, there is no compatibility reason to allow ws:// (as opposed to wss://) WebSockets from an https:// webpage. We (Mozilla) would like to move to a stronger policy prohibiting all mixed content, and prohibiting https://+ws:// from the start will help prevent WebSockets from adding to the problem. In addition to addressing this in code, we should make sure the W3C spec notes this.
This bug is duplicated by #89068.
Reverse duping to a bug with more discussion. *** This bug has been marked as a duplicate of bug 89068 ***