We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox forcing https

more options

I'm a web developer and starting today I have an issue where I cannot access sites over http, I automatically get redirected to https. Since I'm running locally I don't have certificates installed. I have tried Private Browsing and looking for any entries in the SiteSecurityServiceState.txt file (there were none). The site can be accessed fine in edge over http, I can't test in chrome though as I use a .dev domain. Running Developer Edition 59.0b7, I don't see any release notes that would indicate a change in this behavior.

I'm a web developer and starting today I have an issue where I cannot access sites over http, I automatically get redirected to https. Since I'm running locally I don't have certificates installed. I have tried Private Browsing and looking for any entries in the SiteSecurityServiceState.txt file (there were none). The site can be accessed fine in edge over http, I can't test in chrome though as I use a .dev domain. Running Developer Edition 59.0b7, I don't see any release notes that would indicate a change in this behavior.

All Replies (9)

more options

That comes from the site it's not something the Browser can change if the site requires https then it will have to be https. Certificates only come from the site mozilla can't provide that. If there is a issue with the site then you have to contact their webmaster.

more options

This is a site running on local IIS server, the config does not require https as shown by the fact that I can browse http on Edge.

more options

Sounds like it could be software security related? What addons do you have loaded in FF?

more options

Only security software running is Windows Defender

FF Addons: Font Finder Katalon Recorder React Developer Tools TMetric – Time Tracker & Productivity App Trello Card ID

more options

Just an update to this, I changed the binding name in IIS and updated the entry in the hosts file and am no longer getting sent to https. Definitely Firefox is making assumptions about that other domain. Not sure if it matters but I did update binding to be .com and not .dev (so I can test in chrome).

more options

Chosen Solution

more options

Thanks philpp. I've known chrome has done this for a while, a couple of us at the office moved to firefox for this reason. I'm surprised information on firefox forcing this is so sparse, looks like that first article was updated the same day I posted.

more options

If there was actually a good reason for doing this, I'd not be super pissed off right now. There should at least be some way to disable this. It reminds me of how people say not to use target="_blank", but for some reason hijacking my local dev is OK? Straight BS.

more options

Of related use (which actually solved my problem):

The webserver may have "Strict-Transport-Security" switched on, which causes Firefox to immediately switch https.

"Stop firefox from forcing https:// even with autofill false"

https://support.mozilla.org/en-US/questions/1027355