Microsoft is testing an Automatic HTTPS Mode in the Edge web browser
Microsoft added support for a new browsing mode called Automatic HTTPS to its desktop Microsoft Edge web browser designed to enforce the use of HTTPS connections when connecting to sites and services.
Many Internet sites have switched to using HTTPs in recent years. HTTPS protects connections and it is also beneficial for sites as search engines such as Google may use it to determine a site's visibility in search engines. Some sites support HTTP and HTTPS connections side-by-side, others only HTTPS or only HTTP.
Microsoft Edge's Automatic HTTPS mode feature supports two modes. The default mode works similarly to the browser extension HTTPS Everywhere; it attempts to upgrade HTTP connections to HTTPS but does not enforce it. In other words: HTTP is still allowed and used in Edge if HTTPS is not an option.
The second mode resembles Firefox's HTTPS Only Mode, but without the fallback option. When enabled, Edge will upgrade all connections to HTTPS, even those that don't support it. Errors are thrown if a site or resource cannot be loaded via HTTPS, but unlike in Firefox, Edge does not offer an option to make an exception and access the resource via HTTP.
Edge displays an error message if the upgrading from HTTP to HTTPS failed, but no option to circumvent it. A toggle is not provided, and the only recourse at this time is to click on the settings link to switch the feature to the lighter mode or to disable it entirely for the time being.
Since it is in development right now, it is possible that a circumvent feature or a allow/disallow list feature is implemented before it reaches the stable version of the Edge browser.
Automatic HTTPS is an experimental feature that is available in Microsoft Edge Canary, version 92.0.877.0, at the time of writing. You can verify the version of the browser by loading edge://settings/help in the address bar.
To configure Automatic HTTPS Mode, do the following:
- Load edge://flags/#edge-automatic-https in the browser's address bar.
- Set the experimental feature to Enabled.
- Restart Microsoft Edge.
The lighter version of Automatic HTTPS is enabled by default. Open edge://settings/privacy in Edge and scroll down to the new Automatically switch to more secure connections with Automatic HTTPS section to turn it off or switch to the mode that enforces HTTPS without fallback.
How useful is Automatic HTTPS in Edge?
Automatic HTTPS mode in Edge attempts to upgrade HTTP connections to HTTPS. The first mode attempts to upgrade connections but does not enforce the use of HTTPS so that sites and resources will load if the upgrade fails.
The second mode enforces HTTPS and does not offer a fallback. While more secure, it may require manual interventions from time to time when sites or resources won't load because of missing HTTPS support.
The lighter version of Automatic HTTPS should be usable by all users of the browser, as it works similarly to HTTPS Everywhere. It tries to improve the security of connections in the browser. The stricter mode may be useful when it comes to tasks that benefit from higher security.
Now You: do you use extensions or browser features that upgrade HTTP connections?Advertisement