User Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:14.0) Gecko/20100101 Firefox/14.0.1 Build ID: 20120713134347 Steps to reproduce: Start with a fresh browser profile (created via firefox --ProfileManager). Clear the URL bar, then type "google.com<enter>". You will be taken to "www.google.com" (http://, apparently). Clear the URL bar, then type "https://www.google.com". You will be taken to "www.google.com", not to the SSL site. This is broken, but isn't the main bug I wish to report. With www.google.com still in the URL bar, click at the front of the URL and prepend "https://". This will, properly, take you to the SSL site. Now, repeat the first step. Clear the URL bar, then type "google.com<enter>". Actual results: I was taken to the SSL site, https://www.google.com/, rather than to the Expected results: As I did not request HTTPS, I should have been taken to the http://www.google.com site. While this does not matter much for Google, for sites which provide different functions for their HTTP and HTTPS sites the problem can be huge. We run an e-commerce site at www.trocadero.com, with merchant login and shopping cart functionality on https://www.trocadero.com. We use redirects from trocadero.com to www.trocadero.com to preserve a canonical URL scheme. Try the following: -- Type "trocadero.com" into the URL bar. Note that you are directed to the Trocadero home catalog page at http://www.trocadero.com -- Go to http://www.trocadero.com/zenkitsch/items/844697/item844697store.html, and click the "Order/Inquire" button. You will be taken to a secure page under https://www.trocadero.com -- Clear the URL bar, and type "trocadero.com" into it. You are now taken to https://www.trocadero.com, the SSL site.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 781617
You need to log in before you can comment on or make changes to this bug.