On Fri, Feb 21, 2025 at 9:32 AM Tim via users <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
Hi,
Just thought I'd try asking here, because I'm not having much luck with
Google...
Many times, way too many damn times, if I try to access some address
with Firefox it will go into HTTPS mode when I don't want it to.
For instance, I've actually typed http://192.168.1.254 to get into my
router's admin page, because it doesn't do HTTPS. And if Firefox
doesn't get instant results with what I typed it changes it to
https://192.168.1.254 (which is never going to work).
Likewise with other devices that I might be testing on my LAN, and may
be unplugged/reset while I'm testing, so I want to just hammer away at
the same address sitting in the browser's address bar without the damn
browser changing it on me.
Grrrrrrrr, I hate autocorrect style of crap everywhere they put it.
The HTTPS-only modes are disabled. Stupid option that is. Many things
do NOT have HTTPS. Most things don't need it. It just increases
workload to encrypt unimportant things.
And I wish they'd stop hiding HTTP and HTTPS in the address bar. Let
me see the letters there so I know what it's doing.
Does anybody have any answers about how to force the browser to stop
doing that, always, every time, never disobey me?
Yes, I've been fighting this for the past year, since about October 2024
when the major browser platforms decided that your saftey against
phishing attacks on your bank account was more important than being
able to access other web sites.
I run the website for my local RC Flying club and we have some
web cams showing our flight line and the parking lot, and those
devices are HTTP only. But with the new browser restrictions,
people couldn't get at the cameras anymore. What made it worse
was that although the web site would support HTTPS, having one of
its pages point at another URL that was explicitly HTTP causes
a cross-site security violation.
So what I found were options in Firefox (and also similar in Edge and Safari.
In firefox, it's currently called HTTP-Only, and you can set it to try
HTTPS first, but then fall back to trying HTTP. (Not ideal because you'll
always have that extra transaction that wastes bandwidth, server CPU, and
elapsed time... but at least it will still work.
Secondly, there is also the ability to define 'exceptions' where you can
add the website to the list of places to NOT default to HTTPS.
Sadly, as the webmaster, I have to tell all of our club members to FIX
their browser, because I can't do anything to our website to fix it globally.
On one of the browsers, I also found another config item related to
'cross-site security', where I told people to add the addresses of our HTTP
cameras. Unfortunately I can't quote which browser, and what it was exactly called.
-- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
