When I run a Google search for site:fast-edgar.com, the results use http and not https. So perhaps the HTTPS addresses are not always available. That is a problem with this feature, Firefox may try HTTPS when it's not available.

I do not understand what jscher2000 means by "That is a problem with this feature, Firefox may try HTTPS when it's not available.", but the fast-edgar link was just an example that happened to be the last very probably legitimate httpd:// website that I encountered this problem with. I didn't want to use an example of a link from a commercial website or an email because that just seems to inspire discussion of tracking sites. I encounter the problem of the HTTPS-Only mode blocking sites with https:// addresses with most of the useful-looking links that I try to follow. The HTTPS-Only mode seems like a good idea but it doesn't work, and I was hoping that it could be fixed. Other users have submitted the problem and the replies always seem to be musings about what the person pointing out the problem is doing wrong, then the thread is archived. I was hoping that I could get someone to look at the code to see if it can be made to work as expected.

I do not understand what jscher2000 means by "That is a problem with this feature, Firefox may try HTTPS when it's not available.", but the fast-edgar link was just an example that happened to be the last very probably legitimate httpd:// website that I encountered this problem with.

What I mean is that the feature doesn't always recognize when a site does not work with HTTPS.

I have HTTPS Only mode turned off, and I cannot connect to that site using HTTPS. How did you confirm it works with HTTPS -- did you test in a different browser? When I test in Edge, it cannot connect there using HTTPS either.

The problem is that the HTTPS-Only mode blocks websites that ARE secure https websites. I very often get the blocked site notification when trying to navigate to a website with a https:// URL as shown in the address bar of the blocked site notification page. As an example, please see the attached screenshot labeled "FEC 1 . . .". You will see that the URL in the address bar begins with https://. If I then click on the button labeled "Continue to http Site" I am taken to the website. As an example, please see the attached screenshot labeled "FEC 2. . .". The URL in the address bar of the website is exactly the same as shown in the address bar of the blocked site notification page. It still begins with https://, which I believe indicates that it is a secure https website. If I am confident enough in the security of the page I am trying to navigate to, I can ignore the warning and click on the "Continue to http Site" button to bypass the site blocking, but in that case the HTTPS-Only mode serves no purpose except to slow down access to the site. The frustration that I experience with the HTTPS-Only mode really occurs when I am trying to navigate to a website that I am completely unfamiliar with, that I believe might contain information that I need, and that displays an https:// address in the address bar when it is blocked by the HTTPS-Only mode. I do not want to take a chance of visiting a dodgy website but since I know that cannot rely on the Firefox HTTPS-Only mode to identify an https site (as illustrated by the example of the accessing the FEC website), I suspect that I might be bypassing perfectly secure and helpful https:// websites. The HTTPS-Only mode seems like a really good idea, and I wish it could be fixed so that I could rely on it to warn me when I am trying to navigate to an unsecured website without blocking secure https websites.

That is a strange example. I don't know why Firefox is failing to detect HTTPS support in the first screenshot. If you reload the page bypassing the cache (Shift+click the Reload button, or Ctrl+Shift+R), does Firefox do any better on the second try?

As an aside, I do want to mention that I have a different perspective on this part:

The frustration that I experience with the HTTPS-Only mode really occurs when I am trying to navigate to a website that I am completely unfamiliar with, that I believe might contain information that I need, and that displays an https:// address in the address bar when it is blocked by the HTTPS-Only mode. I do not want to take a chance of visiting a dodgy website but since I know that cannot rely on the Firefox HTTPS-Only mode to identify an https site (as illustrated by the example of the accessing the FEC website), I suspect that I might be bypassing perfectly secure and helpful https:// websites.

When a site offers an HTTPS connection, you know two things:

(1) Your browser is verifying that the certificate presented by the site matches its address, so you are not connecting to an impostor server for that site

(2) Your communications with the site are encrypted for privacy so your login or other sensitive data cannot be read in transit

But HTTPS doesn't assure you that the operator of the site is trustworthy. The entire phishing scam industry uses HTTPS sites, or they wouldn't fool anyone with their fakes. So in that regard, HTTPS doesn't guarantee much, and HTTP sites can be equally trustworthy.