this post was submitted on 22 Jan 2024
96 points (99.0% liked)

Firefox

17955 readers
625 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

This has started happening a while ago (previously there was not perceptible delay) and luckily I don't have to visit HTTP sites very often but it is annoying and I would like to get rid of it.

I know HTTP is bad TYVM. I only use this HTTPS-only mode to forcibly upgrade to HTTPS whenever possible and be notified if it doesn't work.

Does anyone know why this is happening and how to disable it?

#Firefox @[email protected]

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 29 points 10 months ago (4 children)

I wish the invalid SSL cert warning and the password field on HTTP warning could be permanently disabled for all private IP ranges. They are incredibly annoying.

[–] [email protected] 5 points 10 months ago (2 children)

That would mean malware can use your local ip and hostfile for mitm attacks.

[–] [email protected] 12 points 10 months ago

Isn't it already game over if malware can write into your hostfile? At least on Windows you need some elevated access for it, which means such malware could just read/write the target program's memory directly instead of resorting to clunky MitM.

load more comments (1 replies)
load more comments (2 replies)