Firefox HTTPS-only mode breaks sites that return 404 for HTTPS connections
Hi,
I recently switched to Firefox's native HTTPS-Only mode from the
HTTPS Everywhere extension, and I've just made the nasty discovery that
a bunch of links that had been returning 404, which I had been assuming
were dead links, were actually perfectly valid pages, which Firefox had
been "upgrading" to HTTPS, and then getting 404s from web servers that
weren't offering them via HTTPS (but still apparently accepting
connections via HTTPS). Clicking on the little lock icon and turning
HTTPS-Only mode off for the website doesn't seem to have any effect -
the only thing that lets me actually access these pages is turning off
HTTPS-Only mode via the general Settings page (or about:config).
When the website doesn't offer HTTPS at all, then Firefox offers to
connect via HTTP, after a warning, and that's fine. But having pages
become completely inaccessible is intolerable - I now have to check
every 404 I get by turning off HTTPS-Only mode and seeing if the
page is actually there. Am I missing something here, or is HTTPS-Only
mode just badly broken?
https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/
https://news.ycombinator.com/item?id=25121604
Celejar
Reply to: