为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

How do I stop firefox from forcing me to visit a https version of a page

  • 10 个回答
  • 8 人有此问题
  • 1 次查看
  • 最后回复者为 THRT

more options

When I revisit a site where I have accessed a page via https, FF automatically connects me via HTTPS even if I explicitly ask for HTTP. It is driving me nuts - to the point where I'm actually thinking switching to Chrome is a good idea.

For example, I visit http://www.onlineshop.com which is served via HTTP. At checkout, the site serves the pages over HTTPS.

Whenever I visit http://www.onlineshop.com again, FF automatically forwards me to https://www.onlineshop.com.

This happens for all websites, and it has only started to happen after the latest update to FF. I can't use a server based solution (as this isn't to do with a specific website).

I've tried changing Autofill in the settings - but it isn't an autofill problem. It isn't a problem of what I type in, its a problem of FF forwarding me to the https version of any site.

I've deleted all me cookies, reset all my settings etc but no luck.

Thanks

When I revisit a site where I have accessed a page via https, FF automatically connects me via HTTPS even if I explicitly ask for HTTP. It is driving me nuts - to the point where I'm actually thinking switching to Chrome is a good idea. For example, I visit http://www.onlineshop.com which is served via HTTP. At checkout, the site serves the pages over HTTPS. Whenever I visit http://www.onlineshop.com again, FF automatically forwards me to https://www.onlineshop.com. This happens for all websites, and it has only started to happen after the latest update to FF. I can't use a server based solution (as this isn't to do with a specific website). I've tried changing Autofill in the settings - but it isn't an autofill problem. It isn't a problem of what I type in, its a problem of FF forwarding me to the https version of any site. I've deleted all me cookies, reset all my settings etc but no luck. Thanks

所有回复 (10)

more options

42.0 is out, is the issue still there?

Other than that, I am seeing a bug that might explain things and remains unconfirmed, https://bugzilla.mozilla.org/show_bug.cgi?id=1164262. And of course the answer in https://support.mozilla.org/en-US/questions/935614 with the about:config preference changes.

more options

There are some sites which send Firefox a flag to always use HTTPS, this is the Strict Transport Security (or STS or HSTS) feature and follows the pattern you describe (it only kicks in after you use HTTPS on the site). I'm not sure that "site preference" survives the Refresh procedure (if that's how you reset settings).

But there are many sites that do not send this flag and allow you to use either. For example:

https://jeffersonscher.com/res/jstest.php

http://jeffersonscher.com/res/jstest.php

Are you able to delete the "s" from https in order to load the non-secure version of the page? If you can't, are you sure you don't have an extension like HTTPS Everywhere overriding the normal behavior?

more options

You can remove all data stored in Firefox from a specific domain via "Forget About This Site" in the right-click context menu of an history entry ("History > Show All History" or "View > Sidebar > History") or via the about:permissions page.

Using "Forget About This Site" will remove all data stored in Firefox from that domain like bookmarks, cookies, passwords, cache, history, and exceptions, so be cautious. If you have a password or other data from that domain that you do not want to lose then make sure to backup this data or make a note.

You can't recover from this 'forget' unless you have a backup of the involved files.

If you revisit a 'forgotten' website then data from that website will be saved once again.

more options

Hi jscher2000,

Thanks for the reply.

I don't have the problem when I visit your site. So it is probably to do with STS.

It isn't caused by an extension. I've disabled all, and I still get the bug.

Even if I type in "http://" explicitly, I still get redirected to the https version.

Phoxuponyou - I've just upgraded to 42.0 and I still get the bug. Its a relatively recent thing so it is probably related to an upgrade to 41. 2 that has stayed.

cor-el - Thanks for the answer, but it just isn't practical to "forget" every site every time I visit one. I also don't want to clear all my cookies all the time. They're useful.

more options

Are there particular sites where you want to use HTTP but the site forces HTTPS? Certainly Google and Facebook do that, but others such as Amazon only use HTTPS for some steps in the process and actually redirect to HTTP for most pages.

more options

I'm looking at www.netlawman.co.uk. I'm using a virtual machine (my work set-up) at the moment, and I have the bug. If I use my real PC under the same circumstances then it doesn't happen.

All settings are the same - Win 7, Firefox 42.0, Avira Antivirus (using Windows Firewall), AV plugins and extensions disabled. It doesn't happen with IE or Chrome on the same two systems.

It seems like it could be the bug Phoxuponyou links to. It sounds very similar anyway.

more options

Firefox stores STS data in the moz_hosts table in the permissions.sqlite database file as type of sts/use and sts/subd. You can search the permissions.sqlite database with the SQLite Manager extension for Strict-Transport-Security (sts) records from a specific host (domain).

  • open the permissions.sqlite database in the current profile folder
  • select the moz_hosts table
  • go to the Browse and Search tab
  • click the search button
  • set the host (TEXT) filter to "contains": "<host_name>"
  • set type (TEXT) field to "contains": "sts"
  • click OK to start the search
more options

Since the issue only occurs in the VM, perhaps there is a proxy that is affecting the headers? Definitely a challenge to investigate.

more options

I cannot replicate the issue on my Firefox 41.0.2 in Win7HP64 by visiting www.netlawman.co.uk.

I can go in on HTTP, then try to sign in (HTTPS turns on), go to Basket (HTTPS stays on), and exit Firefox. When I go back to the URL without defining the protocol in the address I get the standard HTTP front page. Same result whether I type the URL or click the link in this thread, or whether I go back to plain HTTP before exiting Firefox.

Since it's a VM environment, the routing scenario is not exactly standard - but as jscher said, Firefox should only take issue with the headers/flag. One place to start looking would be the table pointed out by cor-el.

more options

jscher2000 - It shouldn't be a VM issue should it, as other browsers work fine. It is also a very recent problem. I've been using FF for years in this VM and it has been fine.

Phoxuponyou - if it is the same issue that was reported and you pointed me to, then it only seems to affect some users. Perhaps I am one of those users.

cor-el - I downloaded the plug-in and "connected" to the database you suggested under my "Roaming" profile (the database doesn't exist under the other two profiles). The file size is 128kb, which is much smaller than any of the other databases in that folder. In the database, I have 1 maser table, 3 tables and no views, indexes or triggers. I search the moz_hosts file as you say. I enter the information you told me to enter, press OK and it returns no results. Regardless of what I enter, there are no results (i.e. if I enter type contains sts and leave the host field blank). Could this table be empty? I've checked the database integrity and it is fine. But if I try to explore for data, there doesn't seem to be any.

I've also remembered that I have had FF crashing fairly often as well recently. On loading a webpage, it just crashes and exits out. I then have to reload. Perhaps not the most helpful report by me, but it might be relevant.