Avatar for Username

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

Firefox (current) Iceweasel 38.5.0ESR always rewrites http://wikipedia.org to https://wikipedia.org

  • 3 antwurd
  • 1 hat dit probleem
  • 6 werjeftes
  • Lêste antwurd fan bkervaski

bkervaski
bkervaski
more options

Odd behavior, Firefox (current) Iceweasel 38.5.0ESR always rewrite the "HTTP" with "HTTPS" when accessing wikipedia.org or any subdomain thereof.

No plugins, clean installs (even OS installs), no cache, no bookmarks, nothing. I even deleted the search provider XML file and manually removed all caches and setting files.

No proxies, no DNS redirects, it's not HTTP headers (as the browser OS isn't connected to any network).

Any ideas?

Odd behavior, Firefox (current) Iceweasel 38.5.0ESR always rewrite the "HTTP" with "HTTPS" when accessing wikipedia.org or any subdomain thereof. No plugins, clean installs (even OS installs), no cache, no bookmarks, nothing. I even deleted the search provider XML file and manually removed all caches and setting files. No proxies, no DNS redirects, it's not HTTP headers (as the browser OS isn't connected to any network). Any ideas?

Keazen oplossing

Okay, figured it out, what a pain.

If you run Firefox/Iceweasel for the first time connected to the internet the wikipedia search provider reaches out to https://wikipedia.org at which point the wikipedia web servers send back HTTP Strict Transport Security (HSTS) headers.

Now Firefox/Iceweasel stores that *.wikipedia.org and won't let you connect without HTTPS ever again, no matter how much you beg and plea and try faking it out with self-signed certs.

To resolve this issue easily I installed the "Force-TLS" add-on which lets you manage that backing store, then using that add-on created an exception for *.wikipedia.org, tested. Afterwards I removed the add-on completely and everything is the way I need it.

However, if you connect back to the public internet and go to https://wikipedia.org the cycle starts over (assuming they still hand out those headers, it appears not all of their web servers do).

I would like to know where the "never connect with HTTP again since HSTS headers were received" bit is stored just out of curiosity.

Dit antwurd yn kontekst lêze 👍 0

Alle antwurden (3)

bkervaski
bkervaski Fraacheigener
more options

Keazen oplossing

Okay, figured it out, what a pain.

If you run Firefox/Iceweasel for the first time connected to the internet the wikipedia search provider reaches out to https://wikipedia.org at which point the wikipedia web servers send back HTTP Strict Transport Security (HSTS) headers.

Now Firefox/Iceweasel stores that *.wikipedia.org and won't let you connect without HTTPS ever again, no matter how much you beg and plea and try faking it out with self-signed certs.

To resolve this issue easily I installed the "Force-TLS" add-on which lets you manage that backing store, then using that add-on created an exception for *.wikipedia.org, tested. Afterwards I removed the add-on completely and everything is the way I need it.

However, if you connect back to the public internet and go to https://wikipedia.org the cycle starts over (assuming they still hand out those headers, it appears not all of their web servers do).

I would like to know where the "never connect with HTTP again since HSTS headers were received" bit is stored just out of curiosity.

Bewurke troch bkervaski op

FredMcD
FredMcD
more options

That was very good work. Well Done. Please flag your last post as Solved Problem so others will know.

The only difference between "HTTP" and "HTTPS" is that the latter means the link is secured.

bkervaski
bkervaski Fraacheigener
more options

This fixes it without the nasty plugin:

about:config New value (right click) "Integer”, “test.currentTimeOffsetSeconds”,“11491200”