We at Mozilla believe that people deserve privacy and one of the most important pieces of web privacy is provided through ubiquitous encryption. Because of this, we shipped HTTPS-First by default as of Firefox 136 (March 4th). The mechanism upgrades all page loads to HTTPS and also includes an automated fallback to HTTP if the page does not support HTTPS or does not load fast enough. While this opportunistic upgrading mechanism does not protect against active network attackers, it still favours HTTPS and prevents known pervasive internet monitoring attacks.
