Open Bug 1658266 Opened 4 years ago Updated 1 year ago

Consider enabling HTTPS-Only Mode in Prviate-Browsing Mode in Nightly by default

Categories

(Core :: DOM: Security, task, P3)

task

Tracking

()

People

(Reporter: ckerschb, Unassigned)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog1])

Attachments

(1 obsolete file)

I think we are getting to a point where HTTPS-Only Mode is providing solid value to end users so that with current UI it's easily usable and understandable for end users to overwrite a page in case it's not available over https.

Let's wait till we have landed:

Blocks: 1658267

We have landed the bugs mentioned in comment 0. Is it time?

Flags: needinfo?(ckerschb)
See Also: → 459495

Yeah, I think it is, or at least we are very close to enabling it by default in PBM in Nightly. Probably early in 2021 we are going to flip the switch.

Flags: needinfo?(ckerschb)

I guess the plan is that we first expose the pref in about:privatebrowsing so that private browsing users have at least some sense that https-only mode is enabled (see Bug 1686770) and then we can enable https-only by default in PBM in Nightly within this bug.

Depends on: 1686770
Attachment #9169381 - Attachment is obsolete: true
Assignee: ckerschb → nobody
Status: ASSIGNED → NEW
Priority: P1 → P3
Whiteboard: [domsecurity-active] → [domsecurity-backlog1]
See Also: 459495
No longer blocks: 1658267
See Also: → 1658267
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: