Closed Bug 756137 Opened 12 years ago Closed 12 years ago

switch from http:// to https:// in searches

Categories

(Firefox :: Search, defect)

Product:
Firefox
Component:
Search
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: watsonwebworld, Unassigned)

Details

I was googleing something and I realized http:// was used instead of https:// . In certain cases, this could be an issue for users such as in areas where the local ISPs are attack prone, areas where censorship is an issue and one is searching for certain data, or in an area where data hijacking is a problem. For security reasons, Firefox's Thunderbird's and Seamonkey's searches should be switched to https:// . 
It could violate some of the contracts the Mozilla corp. has with providers, so someone should look over the contracts to ensure compliance. 
For example: The twitter search feature should be switched to https://www.twitter.com by default when someone uses it. This could ensure safety. There could be some providers who don't support it, so we would have to keep them on http.
Mozilla is paid to by search providers include their engine by default. If we switch protocols on them, it could be a contract issue. As a result, I recommend we only implement this on Wikipedia for the first round.
Not a security hole that needs to remain private. This is a duplicate of bug 633773 for Google, and other providers should also have their own bug if there isn't one already.
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → INCOMPLETE
Nate, please file separate bugs for the specific search engines that can be switched to HTTPS. Also, CC Sid Stamm (:geekboy) as he's the one that primarily drove the change for Google that we already did.
Component: Security → Search
QA Contact: firefox → search
You need to log in before you can comment on or make changes to this bug.