Firefox Private Browsing will automatically use HTTPS connection
A few days ago, Mozilla has launched the official version of Mozilla Firefox v91. In the new version, Mozilla has added new security improvements based on privacy principles.
This improvement is that in incognito mode, regardless of whether the domain name entered by the user has an HTTPS prefix, Firefox will intelligently complete protocol detection in the background.
The advantage of this is that if the website supports both encrypted access and plaintext access without redirection, the Firefox browser can also automatically encrypt access.
This technology significantly improves the security of users browsing websites in incognito mode, especially when users do not want others to know what they are visiting through incognito mode.
If you enter an insecure URL in the Firefox address bar, or if you click an insecure link on a web page, Firefox Private Browsing Windows checks if the destination website supports HTTPS. If YES: Firefox upgrades the connection and establishes a secure, encrypted HTTPS connection. If NO: Firefox falls back to using an insecure HTTP connection.
The Firefox browser engineer stated that when a user accesses a domain name in incognito mode, the Firefox browser will use an encrypted secure connection to try to access it by default.
If it is detected in the background that the corresponding domain name does not support encrypted access, the Firefox browser will automatically downgrade it and change it to a plaintext connection to ensure that the user can access it.
The premise is that the website supports both plaintext access and encrypted access. If the website itself is not configured with a digital certificate, the user will report an error even if the user enters HTTPS.
Mozilla claims that the entire process of intelligent detection technology is completed in the background at an extremely fast speed, so users will not actually notice possible delays when they visit.
This improvement helps to strengthen the security of users visiting the website. Of course, Mozilla hopes that more website administrators can configure the clear text to force encrypted connections to be redirected.
