Mozilla Restricts All New Firefox Features to HTTPS Only

Status
Not open for further replies.

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
In a groundbreaking statement earlier this week, Mozilla announced that all web-based features that will ship with Firefox in the future must be served on over a secure HTTPS connection (a "secure context").

"Effective immediately, all new features that are web-exposed are to be restricted to secure contexts," said Anne van Kesteren, a Mozilla engineer and author of several open web standards.

This means that if Firefox will add support for a new standard/feature starting tomorrow, if that standard/feature carries out communications between the browser and an external server, those communications must be carried out via HTTPS or the standard/feature will not work in Firefox.

The decision does not affect already existing standards/features, but Mozilla hopes all Firefox features "will be considered on a case-by-case basis," and will slowly move to secure contexts (HTTPS) exclusively in the future.

Mozilla continues its push for HTTPS
The move comes after a continuous push from browser makers to force website owners and developers to adopt HTTPS as a default state for the Web.

Mozilla has been tremendously helpful in this manner via the Let's Encrypt project, which it supported since the beginning.

Almost 65% of web pages loaded by Firefox in November used HTTPS, compared to 45% at the end of 2016, according to Let's Encrypt numbers.

Google never announced a formal rule that all new standards/features must work via HTTPS, but its engineers have always implemented recent features to work in secure contexts only [source].
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top