Firefox 76 Will Force HTTPS for Sites By Default

Firefox 76 has got a new behavior for opening web sites. For sites available via both HTTP and HTTPS, Firefox will force HTTPS. Currently, Firefox still prefers HTTP when no protocol scheme is explicitly specified by the user.

Firefox Logo Banner 2020 Optimized

As you may already know, Google and its web browser had started a war against plain HTTP. The recently released Chrome 80 forces HTTP resources to be loaded via HTTPS, otherwise it leaves them blocked until  explicit user interaction. Soon, Chrome will block all insecure downloads.

Mozilla has joined the battle. Starting in version 76, Firefox will replicate Chrome's behavior by replacing HTTP with HTTPS for both embedded resources (e.g. images and scripts), and the address bar text. If you type somedomain.com in the address bar, Firefox will try to open https://somedomain.com and not http://somedomain.com any more.

If a web site is not available by HTTPS, Firefox will show an error page with a button to open that web site by insecure plain HTTP.

If some of the embedded resources are not available via HTTPS, the browser won't block them as of version 76, but it will print error messages to the developer console, which interested users can check out in Web Developer Tools.

The new behavior can be disabled or enabled with a new option in about:config, dom.security.https_only_mode.

Sooner or later, all the mainstream browsers will stop opening HTTP web sites.

Leave a Reply

Your email address will not be published. Required fields are marked *