Avatar for Username

Hilfe durchsuchen

Vorsicht vor Support-Betrug: Wir fordern Sie niemals auf, eine Telefonnummer anzurufen, eine SMS an eine Telefonnummer zu senden oder persönliche Daten preiszugeben. Bitte melden Sie verdächtige Aktivitäten über die Funktion „Missbrauch melden“.

Weitere Informationen

Dieses Thema wurde archiviert. Bitte stellen Sie eine neue Frage, wenn Sie Hilfe benötigen.

Securely connect to websites via https first by default, if not then, use http as fallback. This will prevent downgrade attacks.

  • 2 Antworten
  • 1 hat dieses Problem
  • 17 Aufrufe
  • Letzte Antwort von cor-el

TheInfernoX
TheInfernoX
more options

I have a suggestion. I would like for browsers to connect securely via https first by default to websites. When the browser checks that https is not supported by the website, it should downgrade to http, so do invalid certificates. This will prevent downgrade attacks and make HSTS headers optional. Browsers for years have been connecting to http by default, which I feel is a security risk. A kind of design flaw. Is an option to connect to https first by default a good idea?

I have a suggestion. I would like for browsers to connect securely via https first by default to websites. When the browser checks that https is not supported by the website, it should downgrade to http, so do invalid certificates. This will prevent downgrade attacks and make HSTS headers optional. Browsers for years have been connecting to http by default, which I feel is a security risk. A kind of design flaw. Is an option to connect to https first by default a good idea?

Alle Antworten (2)

the-edmeister
the-edmeister
  • Moderator
more options

You may submit suggestions to the developers here: https://input.mozilla.org/en-US/feedback

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

See: