Feature Request: Automatically Prefer HTTPS When Entering URLs

RichtaCz · 9 Jul 2024, 07:43

Hi Vivaldi Team,

I would like to suggest an improvement regarding the automatic preference for HTTPS connections when entering URLs in the Vivaldi browser. Currently, when I enter a URL in the format "domain.com" and press Enter, the browser first tries to open the address in the format http://domain.com, and only then redirects to https://domain.com if supported.

I am aware that there are certain settings in Vivaldi that can prefer secure connections. I have these settings enabled, but they work differently than needed. Even with these settings active, Vivaldi first attempts to open the website at http://domain.com, which leads to the mentioned issues.

This approach can lead to delays and can also compromise user security if the site does not support automatic redirection from HTTP to HTTPS. Therefore, I suggest that Vivaldi automatically try to open the URL in the format https://domain.com as the first step.

The benefits of this improvement include:

Increased Security: HTTPS is more secure than HTTP, and preferring it would minimize the risk of interception or eavesdropping.
Improved Loading Speed: Directly opening the HTTPS site would eliminate unnecessary redirection and speed up page loading.
Better User Experience: Automatically preferring HTTPS would meet the expectations of modern users who assume their connection is secure.
Thank you for considering this suggestion. I believe it would be a great feature that would enhance both the security and user experience of the Vivaldi browser.

Best regards,

Zalex108 · 9 Jul 2024, 09:19

@RichtaCz

Hi,
Welcome to Vivaldi's Forum

Have you checked at Settings?
What's the enabled state?

Have you checked enabling the HTTPS entries at chrome://flags?

--
Avoid Data loss
Follow the Backup | Reset links below

Vivaldi Backup | Reset + Extra Steps

Pathduck · 9 Jul 2024, 09:30

@RichtaCz Vivaldi already does this. See:
https://blog.chromium.org/2023/08/towards-https-by-default.html

Short capture going to example.com (93.184.215.14):

93	11:26:35,632032	192.168.0.10	57164	93.184.215.14	443	TCP	66	57164 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM
98	11:26:35,718885	93.184.215.14	443	192.168.0.10	57164	TCP	66	443 → 57164 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 SACK_PERM WS=512
99	11:26:35,718947	192.168.0.10	57164	93.184.215.14	443	TCP	54	57164 → 443 [ACK] Seq=1 Ack=1 Win=262656 Len=0
100	11:26:35,719262	192.168.0.10	57164	93.184.215.14	443	TCP	1514	57164 → 443 [ACK] Seq=1 Ack=1 Win=262656 Len=1460 [TCP segment of a reassembled PDU]
101	11:26:35,719262	192.168.0.10	57164	93.184.215.14	443	TLSv1.3	379	Client Hello (SNI=example.com)
102	11:26:35,805919	93.184.215.14	443	192.168.0.10	57164	TCP	60	443 → 57164 [ACK] Seq=1 Ack=1786 Win=69120 Len=0
111	11:26:36,363104	93.184.215.14	443	192.168.0.10	57164	TLSv1.3	153	Hello Retry Request, Change Cipher Spec
112	11:26:36,363409	192.168.0.10	57164	93.184.215.14	443	TLSv1.3	653	Change Cipher Spec, Client Hello (SNI=example.com)
113	11:26:36,450092	93.184.215.14	443	192.168.0.10	57164	TCP	60	443 → 57164 [ACK] Seq=100 Ack=2385 Win=72192 Len=0
114	11:26:36,451746	93.184.215.14	443	192.168.0.10	57164	TLSv1.3	1514	Server Hello, Encrypted Extensions
115	11:26:36,451746	93.184.215.14	443	192.168.0.10	57164	TCP	1514	443 → 57164 [PSH, ACK] Seq=1560 Ack=2385 Win=72192 Len=1460 [TCP segment of a reassembled PDU]
116	11:26:36,451746	93.184.215.14	443	192.168.0.10	57164	TLSv1.3	1230	Certificate
117	11:26:36,451746	93.184.215.14	443	192.168.0.10	57164	TLSv1.3	168	Certificate Verify, Finished
118	11:26:36,451778	192.168.0.10	57164	93.184.215.14	443	TCP	54	57164 → 443 [ACK] Seq=2385 Ack=4310 Win=262656 Len=0
121	11:26:36,462918	192.168.0.10	57164	93.184.215.14	443	TLSv1.3	128	Finished
122	11:26:36,463004	192.168.0.10	57164	93.184.215.14	443	HTTP2	146	Magic, SETTINGS[0], WINDOW_UPDATE[0]
123	11:26:36,463086	192.168.0.10	57164	93.184.215.14	443	HTTP2	546	HEADERS[1]: GET /
126	11:26:36,549634	93.184.215.14	443	192.168.0.10	57164	TLSv1.3	309	New Session Ticket
127	11:26:36,549634	93.184.215.14	443	192.168.0.10	57164	TLSv1.3	309	New Session Ticket
128	11:26:36,549663	192.168.0.10	57164	93.184.215.14	443	TCP	54	57164 → 443 [ACK] Seq=3043 Ack=4820 Win=262144 Len=0
129	11:26:36,549674	93.184.215.14	443	192.168.0.10	57164	HTTP2	193	WINDOW_UPDATE[0]
130	11:26:36,549784	192.168.0.10	57164	93.184.215.14	443	HTTP2	85	SETTINGS[0]
131	11:26:36,551110	93.184.215.14	443	192.168.0.10	57164	HTTP2	976	DATA[1] (text/html)

It goes to port 443 first.

RichtaCz · 9 Jul 2024, 10:44

No. watch the video in the link. it's beautiful to see what vivaldi is doing there. I type the domain name in the command line. I press enter. vivaldi adds http:// in front of the domain name and tries to load the website using an insecure connection. As soon as my htaccess on the site detects this, it immediately redirects the connection as secure with https://

When I try this on an older site that doesn't have this setting in htaccess, the site loads with http://

Both thus prove that vivaldi primarily searches for pages with http://

https://www.awesomescreenshot.com/video/29379002?key=b75efba3b0c2e1442d2f2aa943e47e72

DoctorG · 9 Jul 2024, 10:53

@RichtaCz said in Feature Request: Automatically Prefer HTTPS When Entering URLs:

I type the domain name in the command line. I press enter. vivaldi adds http:// in front of the domain name and tries to load the website using an insecure connection. As soon as my htaccess on the site detects this, it immediately redirects the connection as secure with https://

If you do not need the http://domain.tld you should add for your deomain domain.tld a HTTP header for HSTS.

Pathduck · 9 Jul 2024, 10:54

@RichtaCz Even if you see http:// in the url field for a short time, that's just a visual thing. There's no connection going to port 80 at all.

As always it helps to give some example links to save time for others.
But the url in the video is https://holasovice.org

No connection to port 80:

λ tshark -i4 dst host holasovice.org
Capturing on 'Ethernet'
    1   0.000000 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 66 52437 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM
    2   0.028210 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1 Ack=1 Win=262656 Len=0
    3   0.030818 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1 571 Client Hello (SNI=holasovice.org)
    4   0.062517 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=518 Ack=3151 Win=262656 Len=0
    5   0.065382 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1.2 134 Change Cipher Spec, Application Data
    6   0.065498 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1.2 146 Application Data
    7   0.066027 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1.2 596 Application Data
    8   0.092874 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1232 Ack=3796 Win=262144 Len=0
    9   0.093291 192.168.0.10 52437 px02.svethostingu.cz 443 TLSv1.2 85 Application Data
   10   0.701138 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1263 Ack=13984 Win=262656 Len=0
   11  20.701969 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1263 Ack=14047 Win=262656 Len=0
   12  20.702275 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [ACK] Seq=1263 Ack=14048 Win=262656 Len=0
   13  20.702488 192.168.0.10 52437 px02.svethostingu.cz 443 TCP 54 52437 → 443 [RST, ACK] Seq=1263 Ack=14048 Win=0 Len=0

Please learn to find evidence of your claims before making assumptions of things you don't understand.

When I try this on an older site that doesn't have this setting in htaccess, the site loads with http://

What site would that be? Link please.

RichtaCz · 9 Jul 2024, 11:08

@Pathduck said in Feature Request: Automatically Prefer HTTPS When Entering URLs:

Please learn to find evidence of your claims before making assumptions of things you don't understand.

Yes, I am not an IT specialist and do not understand networks. I think we don't need to resort to insults. However, your list of numbers did not impress me. I believe you misunderstood my question. Let me try again...

Play the video and stop it at the sixth second. What do you see in the command line? Explain to me why, immediately after confirming the domain by pressing enter, Vivaldi opens the website with http://... I think we can all agree that the http is clearly visible there.

PS: When I try the same thing in Edge, it immediately opens the website in https:

Pathduck · 9 Jul 2024, 11:14

@RichtaCz said in Feature Request: Automatically Prefer HTTPS When Entering URLs:

Yes, I am not an IT specialist and do not understand networks.

When you don't understand something you should not make claims about things you cannot back up with solid data.

My "list of numbers" is a network capture - it show there are only connections to port https/443.

Play the video and stop it at the sixth second. What do you see in the command line? Explain to me why, immediately after confirming the domain by pressing enter, Vivaldi opens the website with http://... I think we can all agree that the http is clearly visible there.

I already explained, this is only visual. It does not mean there's a connection to http/80. If you care deeply about such purely cosmetic things, please report a bug.

Please read:

carefully and report the bug to Vivaldi bugtracker.
Please also post the bug-number (VB-#) here after reporting

barbudo2005 · 10 Jul 2024, 00:58

@RichtaCz

Said:

I think we don't need to resort to insults.

Which ones? Please back up with solid data.