Hey at least Chrome lets you can bypass SSL errors. Firefox makes it impossible to bypass SSL errors if the site uses HSTS. So much for the browser for power users.
Firefox sticks to the spec, Chrome makes you type out base64 manually to ignore the spec.
The TLS errors that aren't unbypassible by specification (i.e. HSTS, see https://datatracker.ietf.org/doc/html/rfc6797) can be bypassed on Firefox just fine. It's only the ones where the spec says bypassing the error shouldn't be possible where Firefox takes a hard stance.
Chrome had to alter their bypass string several times because vendors documented the override rather than fixing their insecure crapware. It makes total sense to me that Firefox does the same.
My installation of Firefox defaults to plain HTTP when I type a URL into the address bar. No amount of about:config fiddling seems to turn it off.
It is rubbish software, the developers routinely ignore fixing actual bugs in favor of new features, and I wish we had a better alternative that wasn't married to Google.
jeroenhd|7 months ago
The TLS errors that aren't unbypassible by specification (i.e. HSTS, see https://datatracker.ietf.org/doc/html/rfc6797) can be bypassed on Firefox just fine. It's only the ones where the spec says bypassing the error shouldn't be possible where Firefox takes a hard stance.
Chrome had to alter their bypass string several times because vendors documented the override rather than fixing their insecure crapware. It makes total sense to me that Firefox does the same.
Dylan16807|7 months ago
sugarpimpdorsey|7 months ago
It is rubbish software, the developers routinely ignore fixing actual bugs in favor of new features, and I wish we had a better alternative that wasn't married to Google.
giingyui|7 months ago
wasmperson|7 months ago
https://subdomain.preloaded-hsts.badssl.com/