We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Avatar for Username

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Wildcard in hostname exception for builtin HTTPS-Only mode

  • 3 antwoorden
  • 0 hebben dit probleem
  • 8 weergaven
  • Laatste antwoord van Eleven

Eleven
Eleven
more options

Hello, thanks for viewing this question.

I used to use EFF's https-everywhere plugin and it used to support wildcard in hostname exception, though I could not add one now.

But that plugin will be at end of maintenance at 2023, so I would like to change to Firefox builtin feature. I tried to add a wildcard in hostname, like *.gov.cn, or *.edu.cn, but when I tried to add it to exception list, the browser prompts invalid hostname. I know wildcard will expose way too many security problems, but I am aware of (most of) them and just want to have it ruled out.

I cannot contact China government or universities to make them deploy HTTPS on their sites, and there are so many sites to add, which means the list will be like an explosion, but if I can add a wildcard, like in the builtin no-proxy setting (.gov.cn applies to all domains end with gov.cn), the list will be neat and simple.

So is there a way to achieve this?

Hello, thanks for viewing this question. I used to use EFF's https-everywhere plugin and it used to support wildcard in hostname exception, though I could not add one now. But that plugin will be at end of maintenance at 2023, so I would like to change to Firefox builtin feature. I tried to add a wildcard in hostname, like *.gov.cn, or *.edu.cn, but when I tried to add it to exception list, the browser prompts invalid hostname. I know wildcard will expose way too many security problems, but I am aware of (most of) them and just want to have it ruled out. I cannot contact China government or universities to make them deploy HTTPS on their sites, and there are so many sites to add, which means the list will be like an explosion, but if I can add a wildcard, like in the builtin no-proxy setting (.gov.cn applies to all domains end with gov.cn), the list will be neat and simple. So is there a way to achieve this?

Alle antwoorden (3)

Eleven
Eleven Vraageigenaar
more options

Dropa said
Wild card is one reason for security issues and that is why it's not used or a permitted action. So you will have to know the general URL or direct link to the site to access them. And for that you would need to contact their support to find the right links to get directly to them.

Thank you for that, Dropa. So this feature seems to be disabled by design, I understand this is for the sake of security. Security and high flexibility are the reasons why I choose Firefox, so I am relaxed about this now.

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You can create an exception for the top level domain to include the sub domains.

Eleven
Eleven Vraageigenaar
more options

cor-el said
You can create an exception for the top level domain to include the sub domains.

Sorry for my later reply. Thank you for that. I already tried this but in vain. That was why I posted a question here.

To be more specific, the domain for National Bureau of Statistics of China is "www.stats.gov.cn", which is a subdomain of "gov.cn" and the filter won't apply. You could try this if you'd like, but the site may not work outside China for some security reasons.

Bewerkt door Eleven op