Firefox seems to block some HTTPS sites in "HTTPS-Only" mode
I selected the new HTTPS-Only mode in Firefox 83.0, and some URLs are being blocked, followed by the "Secure Connection Not Available" message. Yet, when I click "Continue to the HTTP site," the site URL is HTTPS, and the grey lock in the URL bar is in the fully secure position. Please let me know what this means, or whether this is a bug to be worked out. Thanks in advance.
Chosen solution
If you click a link in an email then the link might go through special scan filter as an intermediate redirect and if the protocol for the link isn't specified or is http then you can end up as http and not https.
Read this answer in context 👍 1All Replies (6)
It is possible that there is some redirect on the server that only works via HTTP.
Is the resulting URL in the location bar the same ?
If you use a bookmark to access a specific page then instead navigate to this page starting with the main page or with the sign in page in case there is a problem with this bookmark.
Thanks for the quick reply. I will be more mindful about how I have accessed the blocked pages to see if there is a pattern. The most recent incident occurred when I clicked on a link from a trusted source in an email. I'm not certain, but I'm pretty sure the other times the issue occurred when I clicked external links on web pages. The issue hasn't occurred with bookmarked pages at all.
Chosen Solution
If you click a link in an email then the link might go through special scan filter as an intermediate redirect and if the protocol for the link isn't specified or is http then you can end up as http and not https.
cor-el, Thanks for clarifying. Have a good weekend!
I'm experiencing the same thing, only evidently even more commonly - a very large percentage of the sites I access cause this warning message to pop up and make me click through it, even though the URL quoted in the warning begins with HTTPS. It's very annoying.
When I click on links from emails, I often get the warning, click through it and end up at a site with a locked padlock icon. So: the HTTPS-only warning is pretty much useless since I always bypass it to see if it's true. (I guess it's reminding me to look for the locked padlock.) Let me know when there's a solution.