Open Bug 1427533 Opened 2 years ago Updated 10 months ago

HTTPS support for topdomains list

Categories

(Firefox for Android :: Awesomescreen, enhancement, P3)

All
Android
enhancement

Tracking

()

People

(Reporter: JanH, Unassigned, NeedInfo)

References

(Depends on 2 open bugs)

Details

There are two parts to this:
1. Figure out which domains from our topdomains list should be loaded using HTTPS by default and update the list accordingly (and ideally bug 1341591 would also lead to a better process for getting that list updated again on more regular schedule).
2. Update our autocompletion fallback code to work with this (the groundwork for this should already be done by bug 1427500).
I don't know the detail but this sounds more like a feature than a bug. As the direction of Fennec is not yet confirm, I would set it P3 for now.
Priority: -- → P3
Can i go more far, saying all autocompletion topdomain MUST support https? Can we consider non-https to be insecure? How many non-https are in the list, will it be a big tradeoff?
Remove any sites not handling valid https protocol in Sanitizing Methods?
https://hg.mozilla.org/mozilla-central/rev/bc2500badca2
Flags: needinfo?(mark.finkle)
See Also: → 1487307
(In reply to Villa from comment #2)
> Can i go more far, saying all autocompletion topdomain MUST support https?
> Can we consider non-https to be insecure? How many non-https are in the
> list, will it be a big tradeoff?

Could be an idea, but our autocompletion code will probably still require updating in order for this to work.
Duplicate of this bug: 1503429
You need to log in before you can comment on or make changes to this bug.