Firefox 社群討論區

Hi there.

Since quite a while Firefox is trying to enhance our browsing security by "upgrading" connections from "http" to "https." This may generally be a good idea, but it is literally driving me crazy at the moment because it also does so for "internal" sites I host within my LAN (such as my "Home Assistant" instance or a Zigbee coordinator, accessible via its own hostname and web UI). However, these connections will fail, because I don't have certificates for my internal hosts, and thus there is no "https" listener. :-(

(I use my own subdomain "<host>.city.internal.example.org" internally, so Firefox may be confused?)

I feel this behavior has become "more aggressive" within the last few days, so maybe it is due to a Firefox update?

Is there a bullet-proof way to prevent Firefox from doing so?

I've already set the below options to false: - dom.security.https_first - dom.security.https_first_for_custom_ports - dom.security.https_first_for_local_addresses - dom.security.https_first_for_unknown_suffixes - dom.security.https_first_pbm - dom.security.https_first_schemeless - dom.security.https_only_mode - dom.security.https_only_mode.upgrade_local - dom.security.https_only_mode_pbm

Help, please!

I'm close to abandoning Firefox in favor of a different browser, because at the moment it's close to being unusable for me anymore... :-(

Kind regards,

Ralf

I've disabled HTTPS only mode. When i enter a local http://server.localdomain server Firefox upgrades that to https://server.localdomain. How do I disable that?

Recently I set up mTLS on my admin endpoint. I tried entering it as an API on the other website, and in Firefox it wouldn't work. But if I'd try to access endpoint directly it would work, and even save my certificate choice. In Chrome, everything works just fine with both direct and API access. It is not a problem of a website, nor the problem of the OPTIONS preflight, since both of those are configured correctly on my nginx.

passport.moi.gov.af has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site.

The issue is most likely with the website, and there is nothing you can do to resolve it. You can notify the website’s administrator about the problem.

when managing an extension, you describe all the things it can do such as read anything on your computer. But you never say what the consequences might be, such as stealing or selling your info. Why don't you tell the reader what the consequences might be?

I downloads Firefox, Firefox Nightly, Firefox Developer.

All edition not write SSLKEYLOG to file.

I set the SSLKEYLOGFILE env.

How to enable ssl key log file?

I think there is a potential security threat and did not continue to www.google.com Please help me to resolve the problem.

Isaac

I am trying to login to email service tuta.com. Due to malicious actors, the site is being blocked by Firefox when it should NOT be. Malicious actors have made false reports to create a DDOS on Tuta. When I try to connect to the site I get this message: "Did Not Connect: Potential Security Issue"

How do I tell Firefox to stop blocking this site as there is NOT a security issue.

Open my desktop and NordVPN starts up. The Firefox extension frequently shows I an not connected via the VPN whilst Nord says I am. I have in the past clicked on the extension to connect the VPN and this has worked but recently I just get an error. Same thing occurs with NordPass.

Hello if i enter proxy and ip address in firefox in Manual proxy configuration section then when i open a website its asks for username and password my question is can proxy owner see my data and i am using https websites like post data ?

I am using Firefox version 140.4.0esr (64bit) Only on Firefox: when trying to connect with Pirates' web page, I have a block which reads:

Security Connection Failed - no common encription algorithems      Error Code: ssl_error_no_cypher overlap

To The Official Site of The Pittsburgh Pirates/pirates.com:Homepage

I have tried to contact them with no luck.

Can you help?

Thanks,

David Martin ([edited email from public community support forum])

Warning: Potential Security Risk Ahead

Firefox detected an issue and did not continue to dinajpureducationboard.gov.bd. The website is either misconfigured or your computer clock is set to the wrong time.

It’s likely the website’s certificate is expired, which prevents Firefox from connecting securely. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.

What can you do about it?

The issue is most likely with the website, and there is nothing you can do to resolve it. You can notify the website’s administrator about the problem.

My mobile package site shows mixed-content warnings on Firefox — how can I fix this? Hello everyone, I run a website, which provides information about mobile phone prices and SIM packages in Bangladesh. Recently, I noticed that when users visit some pages in Firefox, the browser shows a “mixed-content” warning or blocks certain scripts. The same pages load fine in Chrome. All my URLs use HTTPS, and I’m using a LiteSpeed server with Cloudflare CDN. Could this issue be related to how Firefox handles external resources (like embedded operator banners or analytics scripts)? What’s the best way to debug and fix mixed-content problems in Firefox Developer Tools? Any detailed guidance or best practices would be greatly appreciated. Thanks in advance!

My broadband router set ip address is not secure as it's HTTP What is the solution to able me to access my home router via Wifi in the same location of course which is at home?