diff --git a/apps/browser/src/content/autofill.js b/apps/browser/src/content/autofill.js
index f56a1f843e..d9ac840c8d 100644
--- a/apps/browser/src/content/autofill.js
+++ b/apps/browser/src/content/autofill.js
@@ -43,6 +43,7 @@
   10. Handle sandbox iframe and sandbox rule in CSP
   11. Work on array of saved urls instead of just one to determine if we should autofill non-https sites
   12. Remove setting of attribute com.browser.browser.userEdited on user-inputs
+  13. Handle null value URLs in urlNotSecure
   */
 
   function collect(document, undefined) {
@@ -632,7 +633,7 @@
               return false;
           }
 
-          return savedURLs.some(url => url.indexOf('https://') === 0) && 'http:' === document.location.protocol && (passwordInputs = document.querySelectorAll('input[type=password]'),
+          return savedURLs.some(url => url?.indexOf('https://') === 0) && 'http:' === document.location.protocol && (passwordInputs = document.querySelectorAll('input[type=password]'),
               0 < passwordInputs.length && (confirmResult = confirm('Warning: This is an unsecured HTTP page, and any information you submit can potentially be seen and changed by others. This Login was originally saved on a secure (HTTPS) page.\n\nDo you still wish to fill this login?'),
                   0 == confirmResult)) ? true : false;
       }