I'm answering a survey on the frustrations of web developers. I can't answer this question because the survey site breaks: I cannot drag those things around, I can't skip the question, and I can't report the problem.

Β· Web Β· 1 Β· 4 Β· 11

@kensanata If I may help/forward the word I'll do.

What browser/OS/extensions are you using?

@Sphinx_Pouet Sure! I'm using PureBrowser 60.7.1esr (64-bit), and the add-ins I use are:
Privacy Badger
uBlock Origin
HTTPS Everywhere
HTTPS by default
This is not going to be easy to debug, I fear! πŸ˜ƒ

@kensanata yes (and the "multi-path" survey won't make it easier...)

I'll try to reproduce (not promising anything here) and will report a bug with the info

Given the lifespan of the survey and the fact that it's a third party tool (from an MDN point of view), I'm not sure things will be fixed by the end :/

@kensanata @Sphinx_Pouet What does "HTTPS by default" do?

Does it affect the behavior when you type a hostname without a scheme in the URL bar?

@kensanata @clacke @Sphinx_Pouet I found that feature trivial to implement in my browser "Odysseus". I have it falling back to HTTP upon error.

The latter does allow a MitM vector without HSTS, but HTTP-by-default also does. And interestingly Apple had to implement fixes so HSTS didn't provide a tracking vector, as it allowed websites to store one bit per domain.

Sign in to participate in the conversation

Octodon is a nice general purpose instance. more