
Firefox keeps redirecting http to https, and I need to tell it not to for a specific site
I have an ssh tunnel that I am using to access an AWS ElasticSearch instance running in AWS, so that I can see Kibana in my browser. The tunnel is necessary because access is only allowed through a specific jump/gateway host that we have setup (this is very standard).
I used to be able to access this just fine with http://localhost:9200/_plugin/kibana But then ElasticSearch updated something to require that the 'HOST' header contain the original host, ie: search-blahblahblahblah.us-east-1.es.amazonaws.com
Ok, no matter, I'll just add an entry to my hosts file: 127.0.0.1 search-blahblahblahblah.us-east-1.es.amazonaws.com
Now, I can curl just fine, and using Chrome works just fine too: http://search-blahblahblahblah.us-east-1.es.amazonaws.com:9200/_plugin/kibana
But every time I try to use Firefox, it replaces the http with https, which obviously doesn't work because the tunnel is to port 80.
Yes, I realize that *.amazonaws.com is owned by Amazon and they have an SSL cert.
I have read a similar ticket, here: https://support.mozilla.org/en-US/questions/1209387 The acceptable answer in that ticket seemed to be to use a different domain for local development, which shouldn't be too hard to do, but in my case this is not a usable answer.
I should be able to override Firefox and tell it not to change a URL that I have put into it, at least for specific sites.
All Replies (6)
Can you disable HTTPS mode if you click the padlock in the location bar and disable HTTPS-Only for this origin ?
There is no padlock in the location bar, only an (i) info button, which when clicked on tells me the site is not secure. There is no option to disable https-only anywhere that I can see.
Try to reload the page via F5 to see if that gives another error page.
F5 doesn't do anything, it is still trying to do https instead of the http i requested.
The point is whether you get a padlock after the reload.
You can check in "Options/Preferences -> Privacy & Security" if HTTPS-Only is enabled.
HTTPS-Only mode is not enabled. (It is "Don’t enable HTTPS-Only Mode")