Version: (using KDE KDE 3.5.5) Installed from: Debian testing/unstable Packages When I enter any url into my location bar, I would want Konqueror to try if it can establish a HTTPS connection first and only fall back to HTTP if there is not. In my opinion, it is simply unreasonabe not to use HTTPS if you have the chance to do so. As others will likely not want that or will get confused (especially if the HTTPS pages are out of date of different), this should probably be a switchable option with the default to off.
In light of the impeding KDE4 release, I am going through all bug reports I am involved in. To the best of my knowledge, this issue is still open.
Great, I just thought about the same thing and wanted to file a feature-request! So many pages feature https without one knowing because browsers default to http. It would be great if konqueror could be told to always try and establish encrypted connections and only use http if that isnt possible!
Thanks for your votes, I moved 20 votes to this item, as well :)
Now only 16, as I needed the votes for http://bugs.kde.org/show_bug.cgi?id=155385 (does anyone even care about those votes? ;)
*** This bug has been confirmed by popular vote. ***
Yay :)
First trying the HTTPS port for every single request can lead to a very noticeable slowdown (especially when ports are filtered), so some sort of heuristic or hint from the browser if it should be tried or not would be required. So it would be either extremely slow or a combination of somewhat slow and somewhat error-prone. AFAIK no other browser tries to do this either, and I think I know why. If anybody knows of an existing implementation please reply.
I am not aware of any other browser which does this. But KDE has spear-headed quite a few things, already, so... One possible solution would be to expose lower-level in the GUI. I.e. "looking up DNS name" "sent SYN" "received SYNACK" etc etc. Done in a way that looks nice it would not annoy non-techies and provide useful information for tech-minded people. And those are the ones likely to default to HTTPs :)
As a partial solution I would suggest an option to force HTTPS on certain domains. In Firefox the NoScript extension allows this. This also prevents users from transferring non-encrypted data by accident or because a website/domain is redirected by an attacker. It could look similar to the allow/disallow cookies or javascript option. Maybe there could also be an option to make konqueror ask you, whether it should force HTTPS whenever you visit a HTTPS website the first time. Maybe this should go into an own feature request, but you could say this is some kind of partial fix and at least very releated to this request.
Why is this request set to NEEDSINFO? I liked the suggestions from #9, btw. And in the same place where you have the list of which pages should be accessed via HTTPs and which should not (yes, both ways), there could be a 'default to HTTPs' option.
The news is all over a FF plugin that does this, so apperently its not impossible… then again I moved away from Konqueror (sad but true), so I don't care.
Dear Bug Submitter, This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information as soon as possible and set the bug status as REPORTED. Due to regular bug tracker maintenance, if the bug is still in NEEDSINFO status with no change in 30 days, the bug will be closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging If you have already provided the requested information, please set the bug status as REPORTED so that the KDE team knows that the bug is ready to be confirmed. Thank you for helping us make KDE software even better for everyone!
Updating because of automated poke. FTR, this feature can now be considered state of the art and should be implemented.