Firefox for Android now has a toggle for HTTPS-Only mode
Mozilla has released Firefox 100.1.1 out of beta. It adds a new setting that allows users to enable HTTPS-Only mode.
The option was first introduced in Firefox Nightly a few weeks ago, and surprisingly has been brought to the stable version quite quickly. I say that it is surprising because Mozilla usually takes a while to move features from Nightly to the Beta and Stable Channels. e.g. The Pull to refresh gesture for reloading a page, was added in Firefox Nightly in October 2021, still hasn't made its way in to the public release.
HTTPS-Only mode is not enabled by default in Firefox for Android, but you can toggle the option in just a couple of taps.
How to enable HTTP-Only mode in Firefox for Android
1. Open the Firefox app's Settings menu.
2. Scroll down the page to reach the Privacy and Security section.
3. Tap on the option that is labeled "HTTPS-Only mode".
4. The browser will switch to another page, where you can toggle the setting. You may set it as the default option for all tabs, or only the tabs that you open in HTTPS mode.
That's it, now whenever you type a URL partially without the HTTPS prefix, or tap on a link that normally takes you to the HTTP version of a website, Firefox will force the page to load the HTTPS version of the site. This will help protect users from being spied on by third-parties, and land on genuine sites with SSL certificates instead of a fake banking site or something.
What about websites that don't support HTTPS?
Some sites still use the HTTP (Hypertext transfer protocol), even though it has been proven to be insecure, and vulnerable to hackers. But, blocking access to such portals would result in backlash from users. You may not believe it, but many Governments, Schools, and Offices around the world still have HTTP websites, which is probably why Firefox for Android will not prevent the page from loading. It might even be misunderstood as censorship.
When you run into a website that doesn't support HTTPS, the browser will display a warning message that reads "Secure Site Not Available". It shows 2 options, the first one is Go Back (Recommended), choosing which will make the browser jump to the previous page you were on. If you don't mind that the site is not secure, you can ignore the warning, and tap on the "Continue to HTTPS Site", to load the page using an unencrypted connection to the server.
The introduction of native support for HTTPS-Only mode essentially nullifies the HTTPS Everywhere extension, so if you're using the add-on, you may want to uninstall it.
Note: Firefox on the Google Play Store is still on version 99.2.0, it should be updated soon. But, if you don't want to wait, and if you're comfortable with side-loading apps from other sources, you may download the Firefox 100.1.1 APK from Mozilla's GitHub repository. I installed it over the Play Store version on my phone.
If Mozilla added full support for extensions in Firefox (stable), I'd probably use it instead of the Nightly builds.
What feature would you like to see in Firefox for Android?Advertisement