Firefox 80 adds a UI to Settings to enable HTTPS-Only Mode

Mozilla now offers a UI in Privacy and Security settings of Firefox browser for users to enable HTTPs-only mode in normal or private browsing mode. The feature is disabled by default in Nightly.

What is HTTPS-only Mode?

Firefox’s HTTPS-only mode upgrades all insecure connections to HTTPS in the browser.

For instance, if you visit an HTTP site, all HTTP requests will be automatically changed to HTTPS.

Firefox tries to upgrade subresources of a site such as images scripts and CSS files to HTTPS, if Firefox fails to load a site, it shows an error and suggests to go back.

You can navigate to the website by clicking the “Accept the Risk and continue” button.

Here is the text in the error message:

“Fire

fox detected a potential security issue”.

“You’re browsing in HTTPS-Only Mode, and a secure HTTPS version of .. website is not available”.

What could be causing this?

Most likely, the website simply does not support HTTPS.

It’s also possible that an attacker is involved. If you decide to visit the website, you should not enter any sensitive information like passwords, emails, or credit card details.

Firefox’s new security feature may make HTTPS Everywhere add-on redundant when Mozilla makes it part of the browser. The extension changes HTTP sites to HTTPS sites.

The HTT

PS-only mode was introduced behind a pref in about:config in Firefox76. It is still an experimental feature and some websites may not load in Firefox when enabled.

Mozilla now allows to easily enable the feature via a UI in privacy & Security on about:Preferences of Firefox 80, which is in Nightly.