Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Stop firefox from forcing https:// even with autofill false and no Strict Transport Security

  • 3 replies
  • 2 have this problem
  • 13 views
  • Last reply by jscher2000

more options

In the last year or so Firefox has changed it's redirect policy towards domains where some subdomains support https and some don't.

Solutions suggested here: https://support.mozilla.org/en-US/questions/1027355

Are blatantly wrong. There is a claim that Firefox is respecting Strict Transport Security, but this is false. In addition, removing the history entry for the domain name does not correct this behavior.

All Replies (3)

more options

It's not removing a history entry, it's using the Forget About This Site feature to clear the Strict Transport Security indication for that domain. (It also clears history, cache, cookies, bookmarks, permissions, and exceptions for the site.) That should work until the site sets it again.

To urge Mozilla to change how STS works across subdomains, you can use the Feedback site. Either:

more options

This is a load of crap. I'm currently troubleshooting Firefox using Internet explorer because Firefox insists on https against all reason. Currently, I can't even access the support forums for Firefox using Firefox because your security certificate is invalid. It is dated some time in the future. I can't report that problem to you because that also is an https link.

I reset all the about:config settings and totally cleared my browser cache and it doesn't matter.

Who do you guys think you are, Apple? Let ME choose, don't force this on me. And especially don't force it if you are going to screw up your own security certificate.

more options

Hi pjcamp, this symptom --

Currently, I can't even access the support forums for Firefox using Firefox because your security certificate is invalid. It is dated some time in the future. I can't report that problem to you because that also is an https link.

-- suggests there is a problem with the clock (date, time or time zone) on your system. Occasionally synchronizing to internet time can cause issues, or it may be that it was manually mis-set.

I have attached a screen shot of the certificate viewer showing that the current certificate for this site took effect Sept. 13, 2015, so as far as I can tell, it's valid now.

Or if you ever added an exception for this site's certificate in the past, you may need to delete it. You can remove saved certificates using the Certificate Manager:

"3-bar" menu button (or Tools menu) > Options

Click Advanced in the left column, then the Certificates mini-tab above the right side.

Click the View Certificates button then, if needed, click the Servers tab. Ignore the servers with * and look for any related to Mozilla. You can individually select and remove those.