Feature Request: Automatically Prefer HTTPS When Entering URLs
-
Hi Vivaldi Team,
I would like to suggest an improvement regarding the automatic preference for HTTPS connections when entering URLs in the Vivaldi browser. Currently, when I enter a URL in the format "domain.com" and press Enter, the browser first tries to open the address in the format http://domain.com, and only then redirects to https://domain.com if supported.
I am aware that there are certain settings in Vivaldi that can prefer secure connections. I have these settings enabled, but they work differently than needed. Even with these settings active, Vivaldi first attempts to open the website at http://domain.com, which leads to the mentioned issues.
This approach can lead to delays and can also compromise user security if the site does not support automatic redirection from HTTP to HTTPS. Therefore, I suggest that Vivaldi automatically try to open the URL in the format https://domain.com as the first step.
The benefits of this improvement include:
Increased Security: HTTPS is more secure than HTTP, and preferring it would minimize the risk of interception or eavesdropping.
Improved Loading Speed: Directly opening the HTTPS site would eliminate unnecessary redirection and speed up page loading.
Better User Experience: Automatically preferring HTTPS would meet the expectations of modern users who assume their connection is secure.
Thank you for considering this suggestion. I believe it would be a great feature that would enhance both the security and user experience of the Vivaldi browser.Best regards,
-
Hi,
Welcome to Vivaldi's ForumHave you checked at Settings?
What's the enabled state?Have you checked enabling the HTTPS entries at
chrome://flags
?--
AvoidData loss
Follow the Backup | Reset links below
Vivaldi Backup | Reset + Extra Steps
-
@RichtaCz Vivaldi already does this. See:
https://blog.chromium.org/2023/08/towards-https-by-default.htmlShort capture going to example.com (93.184.215.14):
93 11:26:35,632032 192.168.0.10 57164 93.184.215.14 443 TCP 66 57164 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM 98 11:26:35,718885 93.184.215.14 443 192.168.0.10 57164 TCP 66 443 → 57164 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 SACK_PERM WS=512 99 11:26:35,718947 192.168.0.10 57164 93.184.215.14 443 TCP 54 57164 → 443 [ACK] Seq=1 Ack=1 Win=262656 Len=0 100 11:26:35,719262 192.168.0.10 57164 93.184.215.14 443 TCP 1514 57164 → 443 [ACK] Seq=1 Ack=1 Win=262656 Len=1460 [TCP segment of a reassembled PDU] 101 11:26:35,719262 192.168.0.10 57164 93.184.215.14 443 TLSv1.3 379 Client Hello (SNI=example.com) 102 11:26:35,805919 93.184.215.14 443 192.168.0.10 57164 TCP 60 443 → 57164 [ACK] Seq=1 Ack=1786 Win=69120 Len=0 111 11:26:36,363104 93.184.215.14 443 192.168.0.10 57164 TLSv1.3 153 Hello Retry Request, Change Cipher Spec 112 11:26:36,363409 192.168.0.10 57164 93.184.215.14 443 TLSv1.3 653 Change Cipher Spec, Client Hello (SNI=example.com) 113 11:26:36,450092 93.184.215.14 443 192.168.0.10 57164 TCP 60 443 → 57164 [ACK] Seq=100 Ack=2385 Win=72192 Len=0 114 11:26:36,451746 93.184.215.14 443 192.168.0.10 57164 TLSv1.3 1514 Server Hello, Encrypted Extensions 115 11:26:36,451746 93.184.215.14 443 192.168.0.10 57164 TCP 1514 443 → 57164 [PSH, ACK] Seq=1560 Ack=2385 Win=72192 Len=1460 [TCP segment of a reassembled PDU] 116 11:26:36,451746 93.184.215.14 443 192.168.0.10 57164 TLSv1.3 1230 Certificate 117 11:26:36,451746 93.184.215.14 443 192.168.0.10 57164 TLSv1.3 168 Certificate Verify, Finished 118 11:26:36,451778 192.168.0.10 57164 93.184.215.14 443 TCP 54 57164 → 443 [ACK] Seq=2385 Ack=4310 Win=262656 Len=0 121 11:26:36,462918 192.168.0.10 57164 93.184.215.14 443 TLSv1.3 128 Finished 122 11:26:36,463004 192.168.0.10 57164 93.184.215.14 443 HTTP2 146 Magic, SETTINGS[0], WINDOW_UPDATE[0] 123 11:26:36,463086 192.168.0.10 57164 93.184.215.14 443 HTTP2 546 HEADERS[1]: GET / 126 11:26:36,549634 93.184.215.14 443 192.168.0.10 57164 TLSv1.3 309 New Session Ticket 127 11:26:36,549634 93.184.215.14 443 192.168.0.10 57164 TLSv1.3 309 New Session Ticket 128 11:26:36,549663 192.168.0.10 57164 93.184.215.14 443 TCP 54 57164 → 443 [ACK] Seq=3043 Ack=4820 Win=262144 Len=0 129 11:26:36,549674 93.184.215.14 443 192.168.0.10 57164 HTTP2 193 WINDOW_UPDATE[0] 130 11:26:36,549784 192.168.0.10 57164 93.184.215.14 443 HTTP2 85 SETTINGS[0] 131 11:26:36,551110 93.184.215.14 443 192.168.0.10 57164 HTTP2 976 DATA[1] (text/html)
It goes to port 443 first.
-
No. watch the video in the link. it's beautiful to see what vivaldi is doing there. I type the domain name in the command line. I press enter. vivaldi adds http:// in front of the domain name and tries to load the website using an insecure connection. As soon as my htaccess on the site detects this, it immediately redirects the connection as secure with https://
When I try this on an older site that doesn't have this setting in htaccess, the site loads with http://
Both thus prove that vivaldi primarily searches for pages with http://
https://www.awesomescreenshot.com/video/29379002?key=b75efba3b0c2e1442d2f2aa943e47e72
-
@RichtaCz said in Feature Request: Automatically Prefer HTTPS When Entering URLs:
I type the domain name in the command line. I press enter. vivaldi adds http:// in front of the domain name and tries to load the website using an insecure connection. As soon as my htaccess on the site detects this, it immediately redirects the connection as secure with https://
If you do not need the http://domain.tld you should add for your deomain domain.tld a HTTP header for HSTS.
-
@RichtaCz Even if you see
http://
in the url field for a short time, that's just a visual thing. There's no connection going to port 80 at all.As always it helps to give some example links to save time for others.
But the url in the video is https://holasovice.orgNo connection to port 80:
λ tshark -i4 dst host holasovice.org Capturing on 'Ethernet' 1 0.000000 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 66 52437 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM 2 0.028210 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1 Ack=1 Win=262656 Len=0 3 0.030818 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1 571 Client Hello (SNI=holasovice.org) 4 0.062517 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=518 Ack=3151 Win=262656 Len=0 5 0.065382 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1.2 134 Change Cipher Spec, Application Data 6 0.065498 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1.2 146 Application Data 7 0.066027 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1.2 596 Application Data 8 0.092874 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1232 Ack=3796 Win=262144 Len=0 9 0.093291 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1.2 85 Application Data 10 0.701138 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1263 Ack=13984 Win=262656 Len=0 11 20.701969 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1263 Ack=14047 Win=262656 Len=0 12 20.702275 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1263 Ack=14048 Win=262656 Len=0 13 20.702488 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [RST, ACK] Seq=1263 Ack=14048 Win=0 Len=0
Please learn to find evidence of your claims before making assumptions of things you don't understand.
When I try this on an older site that doesn't have this setting in htaccess, the site loads with http://
What site would that be? Link please.
-
@Pathduck said in Feature Request: Automatically Prefer HTTPS When Entering URLs:
Please learn to find evidence of your claims before making assumptions of things you don't understand.
Yes, I am not an IT specialist and do not understand networks. I think we don't need to resort to insults. However, your list of numbers did not impress me. I believe you misunderstood my question. Let me try again...
Play the video and stop it at the sixth second. What do you see in the command line? Explain to me why, immediately after confirming the domain by pressing enter, Vivaldi opens the website with http://... I think we can all agree that the http is clearly visible there.
PS: When I try the same thing in Edge, it immediately opens the website in https:
-
@RichtaCz said in Feature Request: Automatically Prefer HTTPS When Entering URLs:
Yes, I am not an IT specialist and do not understand networks.
When you don't understand something you should not make claims about things you cannot back up with solid data.
My "list of numbers" is a network capture - it show there are only connections to port https/443.
Play the video and stop it at the sixth second. What do you see in the command line? Explain to me why, immediately after confirming the domain by pressing enter, Vivaldi opens the website with http://... I think we can all agree that the http is clearly visible there.
I already explained, this is only visual. It does not mean there's a connection to http/80. If you care deeply about such purely cosmetic things, please report a bug.
Please read:
carefully and report the bug to Vivaldi bugtracker.
Please also post the bug-number (VB-#) here after reporting -
Said:
I think we don't need to resort to insults.
Which ones? Please back up with solid data.