5 years ago, I asked the same question here, and I found a silly solution, and I use it till now. https://support.mozilla.org/en-US/questions/1077063 ''' Why you ask again ? ''' Today the version of Firefox have been upgraded from 39 to 62, so I want to ask again, does Firefox add some flexiable settings to turn it off? Modify xul.dll is still work, but I find a file called xul.dll.sig inside the Firefox folder. I'm afraid the file will be checked in the future release. ''' Why you want to turn it off? ''' Because I'm living in China, the firewall block the google's sites. But some sites use jquery from google (eg: stackoverflow). I make a mirror site on my computer, and redirect ajax.googleapis.com to localhost by edit the hosts file. ''' Solutions (not work) I have tested ''' * Forget this site. * Delete line in SiteSecurityServiceState.txt (ajax.googleapis.com isn't found in this file) * Set "network.stricttransportsecurity.preloadlist" to false * Set "security.mixed_content.send_hsts_priming" to false * Set "security.mixed_content.use_hsts" to false