top | item 40112831

(no title)

shaftoe | 1 year ago

It is and it's a best practice. I've never heard anyone complain about this.

Most security scanning software will ding any site that doesn't use HSTS

discuss

You don't see why Firefox refusing to connect would be annoying? I don't care whether the blog about curl is encrypted in transit or not and I do care about a forced change to chrome to see the content.

michaelt|1 year ago

I can visit it in Firefox 123 just fine. Tests like [1] say the site works on everything from Firefox 31 to Firefox 73.

You're probably the target of a MITM attack. Or you've done something weird, like taking a job with an employer that MITMs your web traffic then refusing to install their MITM certificates.

[1] https://www.ssllabs.com/ssltest/analyze.html?d=daniel.haxx.s...

cuu508|1 year ago

Firefox connects to https://daniel.haxx.se/blog/2024/04/22/curl-is-just-the-hobb... fine. Are you connecting to a http:// URL instead? If yes, why?

dewey|1 year ago

But it's working just fine in my Firefox, so it sounds more like there's something wrong on your end by either security software or on the network level.

talkin|1 year ago

Common misconception, but Https / TLS provides a combination of gaurantees, and the one cannot work without the other:

Encrypted transit but you might be talking with the hacker on the other end == worthless.

And with plaintext transit you cannot prove integrity during transit AND also not prove talking with the proper endpoint.

In short: Browser really is warning you that something is fishy. Don’t shoot the messenger.