Less HTTPS = easier government & advertiser data collection
-
Less HTTPS = easier government & advertiser data collection
-
S [email protected] shared this topic
-
Less HTTPS = easier government & advertiser data collection
I’m pretty sure browsers don’t even load http sites anymore.
-
I’m pretty sure browsers don’t even load http sites anymore.
I’m sure google will fix that in chrome, like killing adblocker functionality.
-
I’m pretty sure browsers don’t even load http sites anymore.
When I spin up a new self hosted service it's easier to add caddy to the stack than to convince Firefox to load http.
-
I’m pretty sure browsers don’t even load http sites anymore.
HTTP works fine in Firefox unless you set it to HTTPS only. Even then, you only have to click off a warning to open an HTTP site.
-
I’m pretty sure browsers don’t even load http sites anymore.
They load. I have to specify http:// to get it to work though.
-
When I spin up a new self hosted service it's easier to add caddy to the stack than to convince Firefox to load http.
Tailscale is also ridiculously easy to use for this purpose. The serve and Funnel features make secure self hosting really easy from your tailnet (one can easily provision certificates for nodes using Let's Encrypt from the CLI: https://tailscale.com/blog/reintroducing-serve-funnel
-
HTTP works fine in Firefox unless you set it to HTTPS only. Even then, you only have to click off a warning to open an HTTP site.
But if you try to load a local resource as localhost in Firefox...
For the sake of completeness:
Firefox contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit.
More info: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp
about:config
security.fileuri.strict_origin_policy
change to false
