Stop firefox from forcing https:// even with autofill false and no Strict Transport Security
In the last year or so Firefox has changed it's redirect policy towards domains where some subdomains support https and some don't.
Solutions suggested here: https://support.mozilla.org/en-US/questions/1027355
Are blatantly wrong. There is a claim that Firefox is respecting Strict Transport Security, but this is false. In addition, removing the history entry for the domain name does not correct this behavior.
All Replies (3)
It's not removing a history entry, it's using the Forget About This Site feature to clear the Strict Transport Security indication for that domain. (It also clears history, cache, cookies, bookmarks, permissions, and exceptions for the site.) That should work until the site sets it again.
To urge Mozilla to change how STS works across subdomains, you can use the Feedback site. Either:
- Help > Submit Feedback
- https://input.mozilla.org/feedback
This is a load of crap. I'm currently troubleshooting Firefox using Internet explorer because Firefox insists on https against all reason. Currently, I can't even access the support forums for Firefox using Firefox because your security certificate is invalid. It is dated some time in the future. I can't report that problem to you because that also is an https link.
I reset all the about:config settings and totally cleared my browser cache and it doesn't matter.
Who do you guys think you are, Apple? Let ME choose, don't force this on me. And especially don't force it if you are going to screw up your own security certificate.
Hi pjcamp, this symptom --
Currently, I can't even access the support forums for Firefox using Firefox because your security certificate is invalid. It is dated some time in the future. I can't report that problem to you because that also is an https link.
-- suggests there is a problem with the clock (date, time or time zone) on your system. Occasionally synchronizing to internet time can cause issues, or it may be that it was manually mis-set.
I have attached a screen shot of the certificate viewer showing that the current certificate for this site took effect Sept. 13, 2015, so as far as I can tell, it's valid now.
Or if you ever added an exception for this site's certificate in the past, you may need to delete it. You can remove saved certificates using the Certificate Manager:
"3-bar" menu button (or Tools menu) > Options
Click Advanced in the left column, then the Certificates mini-tab above the right side.
Click the View Certificates button then, if needed, click the Servers tab. Ignore the servers with * and look for any related to Mozilla. You can individually select and remove those.