搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Firefox (current) Iceweasel 38.5.0ESR always rewrites http://wikipedia.org to https://wikipedia.org

  • 3 个回答
  • 1 人有此问题
  • 6 次查看
  • 最后回复者为 bkervaski

more options

Odd behavior, Firefox (current) Iceweasel 38.5.0ESR always rewrite the "HTTP" with "HTTPS" when accessing wikipedia.org or any subdomain thereof.

No plugins, clean installs (even OS installs), no cache, no bookmarks, nothing. I even deleted the search provider XML file and manually removed all caches and setting files.

No proxies, no DNS redirects, it's not HTTP headers (as the browser OS isn't connected to any network).

Any ideas?

Odd behavior, Firefox (current) Iceweasel 38.5.0ESR always rewrite the "HTTP" with "HTTPS" when accessing wikipedia.org or any subdomain thereof. No plugins, clean installs (even OS installs), no cache, no bookmarks, nothing. I even deleted the search provider XML file and manually removed all caches and setting files. No proxies, no DNS redirects, it's not HTTP headers (as the browser OS isn't connected to any network). Any ideas?

被采纳的解决方案

Okay, figured it out, what a pain.

If you run Firefox/Iceweasel for the first time connected to the internet the wikipedia search provider reaches out to https://wikipedia.org at which point the wikipedia web servers send back HTTP Strict Transport Security (HSTS) headers.

Now Firefox/Iceweasel stores that *.wikipedia.org and won't let you connect without HTTPS ever again, no matter how much you beg and plea and try faking it out with self-signed certs.

To resolve this issue easily I installed the "Force-TLS" add-on which lets you manage that backing store, then using that add-on created an exception for *.wikipedia.org, tested. Afterwards I removed the add-on completely and everything is the way I need it.

However, if you connect back to the public internet and go to https://wikipedia.org the cycle starts over (assuming they still hand out those headers, it appears not all of their web servers do).

I would like to know where the "never connect with HTTP again since HSTS headers were received" bit is stored just out of curiosity.

定位到答案原位置 👍 0

所有回复 (3)

more options

选择的解决方案

Okay, figured it out, what a pain.

If you run Firefox/Iceweasel for the first time connected to the internet the wikipedia search provider reaches out to https://wikipedia.org at which point the wikipedia web servers send back HTTP Strict Transport Security (HSTS) headers.

Now Firefox/Iceweasel stores that *.wikipedia.org and won't let you connect without HTTPS ever again, no matter how much you beg and plea and try faking it out with self-signed certs.

To resolve this issue easily I installed the "Force-TLS" add-on which lets you manage that backing store, then using that add-on created an exception for *.wikipedia.org, tested. Afterwards I removed the add-on completely and everything is the way I need it.

However, if you connect back to the public internet and go to https://wikipedia.org the cycle starts over (assuming they still hand out those headers, it appears not all of their web servers do).

I would like to know where the "never connect with HTTP again since HSTS headers were received" bit is stored just out of curiosity.

由bkervaski于修改

more options

That was very good work. Well Done. Please flag your last post as Solved Problem so others will know.


The only difference between "HTTP" and "HTTPS" is that the latter means the link is secured.

more options

This fixes it without the nasty plugin:

about:config New value (right click) "Integer”, “test.currentTimeOffsetSeconds”,“11491200”