search

chromium / badssl.com

:lock: Memorable site for testing clients against bad SSL configs.
https://badssl.com
Apache License 2.0
2.78k stars 186 forks source link

mixed-script.badssl.com doesn't exactly work with HTTPS only mode in Firefox #489

Open JacksonChen666 opened 2 years ago

JacksonChen666 commented 2 years ago
A picture of mixed-script.badssl.com with a red background with developer tools showing that the requests are made only over https and excluding http

mixed-script does not exactly work as expected with Firefox HTTPS only mode, because the insecure resources are still served over HTTPS. I have not tested with this extension however. It may not be the same as Firefox built in HTTPS only mode.

janbrasna commented 2 years ago

Possible duplicate of #459

Given the "(upgraded to HTTPS)" detail it sounds like an opt-in support of autoupgrade mentioned by: