This thread was archived. Please ask a new question if you need help.
Firefox keeps redirecting http to https, and I need to tell it not to for a specific site
I have an ssh tunnel that I am using to access an AWS ElasticSearch instance running in AWS, so that I can see Kibana in my browser. The tunnel is necessary because access is only allowed through a specific jump/gateway host that we have setup (this is very standard).
I used to be able to access this just fine with http://localhost:9200/_plugin/kibana But then ElasticSearch updated something to require that the 'HOST' header contain the original host, ie: search-blahblahblahblah.us-east-1.es.amazonaws.com
Ok, no matter, I'll just add an entry to my hosts file: 127.0.0.1 search-blahblahblahblah.us-east-1.es.amazonaws.com
Now, I can curl just fine, and using Chrome works just fine too: http://search-blahblahblahblah.us-east-1.es.amazonaws.com:9200/_plugin/kibana
But every time I try to use Firefox, it replaces the http with https, which obviously doesn't work because the tunnel is to port 80.
Yes, I realize that *.amazonaws.com is owned by Amazon and they have an SSL cert.
I have read a similar ticket, here: https://support.mozilla.org/en-US/questions/1209387 The acceptable answer in that ticket seemed to be to use a different domain for local development, which shouldn't be too hard to do, but in my case this is not a usable answer.
I should be able to override Firefox and tell it not to change a URL that I have put into it, at least for specific sites.
All Replies (7)
Can you disable HTTPS mode if you click the padlock in the location bar and disable HTTPS-Only for this origin ?
There is no padlock in the location bar, only an (i) info button, which when clicked on tells me the site is not secure. There is no option to disable https-only anywhere that I can see.
Try to reload the page via F5 to see if that gives another error page.
F5 doesn't do anything, it is still trying to do https instead of the http i requested.
The point is whether you get a padlock after the reload.
You can check in "Options/Preferences -> Privacy & Security" if HTTPS-Only is enabled.
HTTPS-Only mode is not enabled. (It is "Don’t enable HTTPS-Only Mode")
Starting with FireFox 87 I am unable to download files because it changes http:// to https://. HTTPS-Only mode is not enabled. I wish I had not permitted the update!
This is extremely frustrating! Despite FireFox's many features, this change will force me to fall back to Safari as my go-to browser. Safari does put up a "not secure" warning but does allow one to proceed.
A better solution would be to put up a warning dialog and allow the user to choose whether to continue with the insecure http, or to accept Mozilla's advice and not proceed.
A dictatorial "You will do it MY way, and only my way" is not an appropriate solution for software with a large sophisticated user community.