Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Securely connect to websites via https first by default, if not then, use http as fallback. This will prevent downgrade attacks.

  • 2 réponses
  • 1 a ce problème
  • 17 vues
  • Dernière réponse par cor-el

more options

I have a suggestion. I would like for browsers to connect securely via https first by default to websites. When the browser checks that https is not supported by the website, it should downgrade to http, so do invalid certificates. This will prevent downgrade attacks and make HSTS headers optional. Browsers for years have been connecting to http by default, which I feel is a security risk. A kind of design flaw. Is an option to connect to https first by default a good idea?

I have a suggestion. I would like for browsers to connect securely via https first by default to websites. When the browser checks that https is not supported by the website, it should downgrade to http, so do invalid certificates. This will prevent downgrade attacks and make HSTS headers optional. Browsers for years have been connecting to http by default, which I feel is a security risk. A kind of design flaw. Is an option to connect to https first by default a good idea?

Toutes les réponses (2)

more options

You may submit suggestions to the developers here: https://input.mozilla.org/en-US/feedback

more options

See: