|
|
Log in / Subscribe / Register

Disable HTTPS upgrade?

Disable HTTPS upgrade?

Posted Mar 5, 2025 9:05 UTC (Wed) by PeeWee (subscriber, #175777)
In reply to: Disable HTTPS upgrade? by intelfx
Parent article: Firefox 136.0 released

Why do you even call it a misfeature? It is simply a change in default behaviour. It used to be that, if not explicitly specified, FF would use HTTP. Extensions such as HTTPS Everywhere are proof that there is/was a desire to change that. FF has supported HTTPS-Only for quite some time now and this is just the softer version of it.

I am really rather happy about this very much in demand feature and getting rid of some inconveniences one has to put with when using HTTPS-Only, which requires manual setup of exceptions, if the destination host does not support HTTPS. And @Cyberax seems to be in the habit of blaming anything but his own (mis)configurations, if his rants about systemd are anything to go by. If an explicit http:// doesn't fix it and HTTPS-Only is not active then this may well be just a bug, as in teething problem. People should really stop blowing things out of proportion. Also this may still turn out as PEBCAK.

to post comments

Disable HTTPS upgrade?

Posted Mar 9, 2025 14:00 UTC (Sun) by Duncan (guest, #6647) [Link] (1 responses)

> FF has supported HTTPS-Only for quite some time now and this is just the softer version of it.

Thanks. I wish the ff what's new and all the articles covering it had been that explicit. I've been low-key confused since I enabled HTTPS-Only when it came out (and had HTTPS-Everywhere before that), and this seemed to be the same thing. Better security by default's good, but now I've confirmed what I suspected, that this change doesn't apply to me since I'd already effectively opted into it. Again, I wish the ff what's new had specifically explained that.

Disable HTTPS upgrade?

Posted Mar 9, 2025 15:53 UTC (Sun) by mathstuf (subscriber, #69389) [Link]

Well, I think we've seen that Mozilla's communication department is definitely lacking in the "tact" department these past weeks. I wonder if enough folks have been influenced by the vapid "bug fixes and performance improvements" update notes to see even what we get as "more effort than seems necessary" for release notes.

I think the only way to push back on that is to use that as the complete commit message (maybe with an empty "What's new:" list introducer) when contributing to repos run by these companies and point to "seems good enough for you" when push back happens.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds