For those using something other than Edge, like Chrome, or Firefox, and
after you enter just "comcast.net" into the address and hit Enter, do
those web browser also puke out "this site is insecure" warning even
when the site really is secure?
VanguardLH wrote:
For those using something other than Edge, like Chrome, or Firefox, and
after you enter just "comcast.net" into the address and hit Enter, do
those web browser also puke out "this site is insecure" warning even
when the site really is secure?
Not on firefox. It went to this site <https://www.xfinity.com/overview>
Edge is Chromium based. Can someone with Chrome do the same test?
Maybe it's a Chromium behavior that reflects into Edge, so maybe
behavior in Chrome is the same as in Edge.
Thanks for the data point.
I have a runbox pinned to my taskbar. So I typed into the runbox:
msedge https://www.xfinity.com/overview
Maria Sophia wrote:
I have a runbox pinned to my taskbar. So I typed into the runbox:
msedge https://www.xfinity.com/overview
I should have remembered to note that when I typed this:
msedge http://xfinity.com
It went to this:
https://www.xfinity.com/overview
We need a web site, I think, that doesn't have https, which, if we like,
we can set up on our routers, I guess.
Edge is presenting the following message before it even attempts to
establish a connection:
comcast.net doesnAt support a secure connection with HTTPS
sticks <wolverine01@charter.net> wrote:
VanguardLH wrote:
For those using something other than Edge, like Chrome, or Firefox, and
after you enter just "comcast.net" into the address and hit Enter, do
those web browser also puke out "this site is insecure" warning even
when the site really is secure?
Not on firefox. It went to this site <https://www.xfinity.com/overview>
For me, Edge intercedes with the "not secure" alert, and when I click on Continue the redirection -- which does go to HTTPS -- lands at https://www.xfinity.com/national/.
So, Edge is more of web nanny than Firefox. I was using Firefox up
until about a year ago, and my expection was the web browser wouldn't
bitch about an insecure site until it actually connected to the site
which could be directly HTTPS or redirect to HTTPS.
Edge is Chromium based. Can someone with Chrome do the same test?
Maybe it's a Chromium behavior that reflects into Edge, so maybe
behavior in Chrome is the same as in Edge.
Thanks for the data point.
On Sat, 10 Jan 2026 12:57:02 -0600, in <qk3ny3r5anb1.dlg@v.nguard.lh>, VanguardLH <V@nguard.LH> wrote:
Edge is presenting the following message before it even attempts to
establish a connection:
comcast.net doesnrCOt support a secure connection with HTTPS
Microsoft's CEO recently said that 80% of their programming is done by
AI. Maybe nuff said.
VanguardLH wrote:
sticks <wolverine01@charter.net> wrote:
VanguardLH wrote:
For those using something other than Edge, like Chrome, or Firefox,
and after you enter just "comcast.net" into the address and hit
Enter, do those web browser also puke out "this site is insecure"
warning even when the site really is secure?
Not on firefox. It went to this site <https://www.xfinity.com/overview>
For me, Edge intercedes with the "not secure" alert, and when I click
on Continue the redirection -- which does go to HTTPS -- lands at
https://www.xfinity.com/national/.
So, Edge is more of web nanny than Firefox.
Edge is Chromium based. Can someone with Chrome do the same test?
Maybe it's a Chromium behavior that reflects into Edge, so maybe
behavior in Chrome is the same as in Edge.
Is there accidentally some sort of Proxy involved ?
Edge is presenting the following message before it even attempts to
establish a connection:
comcast.net doesnrCOt support a secure connection with HTTPS
I'm using Comcast as an example. I load Edge which opens a new tab to about:blank. I enter into the address bar:
comcast.net
Notice I did not specify http:// or https:// for the protocol. The web browser figures that out when it attempts to make a connection.
However, it seems Edge is bitching before it even makes a connection.
It doesn't like when I do not specify the protocol, and it displays a
bogus message. If I add https://, or use a bookmark to the site which
also has https://, Edge doesn't bitch about an insecure connection,
because it started with a URI that specifies the protocol.
After entering comcast.net into the address bar and getting the bogus non-secure warning, I click on "Continue to site". After continuing,
Edge then establishes a connection, and then it realizes the site does
have a valid certificate, and connects using HTTPS.
Many sites have HTTP connections that will redirect to HTTPS, but that
is after the initial HTTP connection. For this "doesn't support a
secure connection" warning, however, Edge has not connected to the site.
It presumes from the URL sans protocol that the site is insecure.
Any way to either stall Edge to wait until it connects to see what type
of connection the site will initiate (whether it starts with HTTP or
HTTPS), or to configure Edge to stop this bogus whining about insecure
sites that haven't had a chance to present a certificate? Don't use
what the user entered. The URI protocol will be required every time to
make a connection, but the web browser without hint from the URL should
try HTTP to see if HTTPS is accepted.
In Edge, there is the "Automatically switch to more secure connections
with Automatic HTTPS". Doesn't matter whether disabled or enabled.
Edge still bitches about an insecure that is secure.
I should not have to add the URI protocol (http:// or https://) when
manually inputting the URL in the address bar. The web browser should
figure that out by first trying HTTPS. If that fails, and the web
browser has to fallback to HTTP, *then* the web browser should warn the connect is insecure.
For those using something other than Edge, like Chrome, or Firefox, and
after you enter just "comcast.net" into the address and hit Enter, do
those web browser also puke out "this site is insecure" warning even
when the site really is secure?
On Sat, 1/10/2026 8:08 PM, Jim H wrote:
On Sat, 10 Jan 2026 12:57:02 -0600, in <qk3ny3r5anb1.dlg@v.nguard.lh>,
VanguardLH <V@nguard.LH> wrote:
Edge is presenting the following message before it even attempts to
establish a connection:
comcast.net doesnrCOt support a secure connection with HTTPS
Microsoft's CEO recently said that 80% of their programming is done by
AI. Maybe nuff said.
I thought the number was 30%.
And employees (devs) can be fired for not "embracing AI".
That means you have to sit at your desk and consume tokens
as part of your work day.
This effort, the vibe coding, is to capture the mythical productivity improvement
as you correct the AI mistakes.
I wonder if Raymond Chen has embraced AI as his personal savior ? :-)
I bet in a Trivial Pursuit challenge, he could beat the AI at
its own game. The AI is likely afraid of Raymond.
Paul <nospam@needed.invalid> wrote:
VanguardLH wrote:
sticks <wolverine01@charter.net> wrote:
VanguardLH wrote:For me, Edge intercedes with the "not secure" alert, and when I click
For those using something other than Edge, like Chrome, or Firefox,
and after you enter just "comcast.net" into the address and hit
Enter, do those web browser also puke out "this site is insecure"
warning even when the site really is secure?
Not on firefox. It went to this site <https://www.xfinity.com/overview> >>>
on Continue the redirection -- which does go to HTTPS -- lands at
https://www.xfinity.com/national/.
So, Edge is more of web nanny than Firefox.
Edge is Chromium based. Can someone with Chrome do the same test?
Maybe it's a Chromium behavior that reflects into Edge, so maybe
behavior in Chrome is the same as in Edge.
Is there accidentally some sort of Proxy involved ?
Not that I'm aware of. This is for my home network. If there were a
proxy, I'd be the one to add it.
I have Proton VPN (free), but I only use it when geofencing, not to
hide. I also disabled the Secure Network (a VPN) inside of Edge.
As old as it is, and in the IE era, I looked at Internet Properties (inetcpl.cpl), Connections tab, LAN settings, and no VPN defined there.
No 3rd-party anti-virus. Just Windows Defender.
In Edge, safe mode is combined with inprivate mode. I opened an
inprivate window in Edge, entered "comcast.net" (no protocol or
qualifier), but Edge was still a web nanny alerting me to an insecure
site before it went there just because it assumes the lack of https://
means using http://, but the site will redirect anyway.
Entering "comcast.net" does not add the protocol, but obviously the web browser can't use that invalid URL. It needs to prefix http:// or
https:// onto the partial URL string before it tries to connect.
I have tried enabling the "Automatically switch to more secure
connections with Automatic HTTPS" to see if Edge was prepending http://,
and would now prepend https://, but that didn't change Edge whining
about an insecure site based on what I entered versus what it should
use.
It is obvious Edge is spewing a bogus alert. When it shows the "doesn't support a secure connection" page, "Not secure" icon shows at the left
end of the address bar. Click on it, and you get the "About <domain>"
drop down very much like when looking at site info in Firefox. In the
drop down, it says "Your connection to this site is not secure". When
you click on that to expand a flyout to show details, that says "This
site does not have a certificate". Yes, it does. Click Continue, do an actual connect, and you can see the site has a cert.
The site has a cert. Enter "comcast.net", and Edge alerts the site is
not secure. Enter "http://comcast.net" (not https), and Edge doesn't
bitch, connects to the site, and either Edge or the site switches to
HTTPS even though you entered http://.
Seems Edge is bitching based on the URL that I entered without
prepending the protocol, not that it actually tested if the site had a
cert or not.
Since Edge is a Chromium variant, I'm wondering what Chrome does when
just "comcast.net" is entered in the address bar, and hit Enter.
Edge is Chromium based. Can someone with Chrome do the same test?
Maybe it's a Chromium behavior that reflects into Edge, so maybe
behavior in Chrome is the same as in Edge.
Thanks for the data point.
VanguardLH <V@nguard.lh> wrote:
Edge is Chromium based. Can someone with Chrome do the same test?
Maybe it's a Chromium behavior that reflects into Edge, so maybe
behavior in Chrome is the same as in Edge.
Thanks for the data point.
As others also reported, it's apparently something with *your* setup.
Also for me - in The Netherlands - just entering 'comcast.net' works
fine, both in Edge and in Chrome, and redirects to <https://www.xfinity.com/overview>
VanguardLH wrote on 1/10/2026 11:57 AM:
Edge is presenting the following message before it even attempts toWorks fine in Edge with my current Edge settings.
establish a connection:
comcast.net doesnrCOt support a secure connection with HTTPS
I'm using Comcast as an example. I load Edge which opens a new tab to
about:blank. I enter into the address bar:
comcast.net
Notice I did not specify http:// or https:// for the protocol. The web
browser figures that out when it attempts to make a connection.
However, it seems Edge is bitching before it even makes a connection.
It doesn't like when I do not specify the protocol, and it displays a
bogus message. If I add https://, or use a bookmark to the site which
also has https://, Edge doesn't bitch about an insecure connection,
because it started with a URI that specifies the protocol.
After entering comcast.net into the address bar and getting the bogus
non-secure warning, I click on "Continue to site". After continuing,
Edge then establishes a connection, and then it realizes the site does
have a valid certificate, and connects using HTTPS.
Many sites have HTTP connections that will redirect to HTTPS, but that
is after the initial HTTP connection. For this "doesn't support a
secure connection" warning, however, Edge has not connected to the site.
It presumes from the URL sans protocol that the site is insecure.
Any way to either stall Edge to wait until it connects to see what type
of connection the site will initiate (whether it starts with HTTP or
HTTPS), or to configure Edge to stop this bogus whining about insecure
sites that haven't had a chance to present a certificate? Don't use
what the user entered. The URI protocol will be required every time to
make a connection, but the web browser without hint from the URL should
try HTTP to see if HTTPS is accepted.
In Edge, there is the "Automatically switch to more secure connections
with Automatic HTTPS". Doesn't matter whether disabled or enabled.
Edge still bitches about an insecure that is secure.
I should not have to add the URI protocol (http:// or https://) when
manually inputting the URL in the address bar. The web browser should
figure that out by first trying HTTPS. If that fails, and the web
browser has to fallback to HTTP, *then* the web browser should warn the
connect is insecure.
For those using something other than Edge, like Chrome, or Firefox, and
after you enter just "comcast.net" into the address and hit Enter, do
those web browser also puke out "this site is insecure" warning even
when the site really is secure?
Automatically redirects(without prompting about a secure connection) to:
<https://www.xfinity.com/national/>
Check your setting in Edge.
Settings/Privacy-search-services/
Look at the toggle-able settings for and under 'Automatically switch to more secure connections...'
Check your setting in Edge.
Settings/Privacy-search-services/
Look at the toggle-able settings for and under 'Automatically switch to >> more secure connections...'
I tested entering just "comcast.net" (no protocol) with that setting
both enabled and disabled. Got the insecure nag regardless of that
setting.
Paul <nospam@needed.invalid> wrote:
VanguardLH wrote:
sticks <wolverine01@charter.net> wrote:
VanguardLH wrote:For me, Edge intercedes with the "not secure" alert, and when I click
For those using something other than Edge, like Chrome, or Firefox,
and after you enter just "comcast.net" into the address and hit
Enter, do those web browser also puke out "this site is insecure"
warning even when the site really is secure?
Not on firefox. It went to this site <https://www.xfinity.com/overview> >>>
on Continue the redirection -- which does go to HTTPS -- lands at
https://www.xfinity.com/national/.
So, Edge is more of web nanny than Firefox.
Edge is Chromium based. Can someone with Chrome do the same test?
Maybe it's a Chromium behavior that reflects into Edge, so maybe
behavior in Chrome is the same as in Edge.
Is there accidentally some sort of Proxy involved ?
Not that I'm aware of. This is for my home network. If there were a
proxy, I'd be the one to add it.
I have Proton VPN (free), but I only use it when geofencing, not to
hide. I also disabled the Secure Network (a VPN) inside of Edge.
As old as it is, and in the IE era, I looked at Internet Properties (inetcpl.cpl), Connections tab, LAN settings, and no VPN defined there.
No 3rd-party anti-virus. Just Windows Defender.
In Edge, safe mode is combined with inprivate mode. I opened an
inprivate window in Edge, entered "comcast.net" (no protocol or
qualifier), but Edge was still a web nanny alerting me to an insecure
site before it went there just because it assumes the lack of https://
means using http://, but the site will redirect anyway.
Entering "comcast.net" does not add the protocol, but obviously the web browser can't use that invalid URL. It needs to prefix http:// or
https:// onto the partial URL string before it tries to connect.
I have tried enabling the "Automatically switch to more secure
connections with Automatic HTTPS" to see if Edge was prepending http://,
and would now prepend https://, but that didn't change Edge whining
about an insecure site based on what I entered versus what it should
use.
It is obvious Edge is spewing a bogus alert. When it shows the "doesn't support a secure connection" page, "Not secure" icon shows at the left
end of the address bar. Click on it, and you get the "About <domain>"
drop down very much like when looking at site info in Firefox. In the
drop down, it says "Your connection to this site is not secure". When
you click on that to expand a flyout to show details, that says "This
site does not have a certificate". Yes, it does. Click Continue, do an actual connect, and you can see the site has a cert.
The site has a cert. Enter "comcast.net", and Edge alerts the site is
not secure. Enter "http://comcast.net" (not https), and Edge doesn't
bitch, connects to the site, and either Edge or the site switches to
HTTPS even though you entered http://.
Seems Edge is bitching based on the URL that I entered without
prepending the protocol, not that it actually tested if the site had a
cert or not.
Since Edge is a Chromium variant, I'm wondering what Chrome does when
just "comcast.net" is entered in the address bar, and hit Enter.
I don't get the
insecure nag if I enter https://comcast.net. It's when I enter just "comcast.net" when the insecure nag appears.
wmic datafile where name="C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" get VersionVersion 143.0.3650.139
Frank Slootweg <this@ddress.is.invalid> wrote:
VanguardLH <V@nguard.lh> wrote:
Edge is Chromium based. Can someone with Chrome do the same test?
Maybe it's a Chromium behavior that reflects into Edge, so maybe
behavior in Chrome is the same as in Edge.
Thanks for the data point.
As others also reported, it's apparently something with *your* setup.
What others (before you posted)?
How Firefox behaves for sticks doesn't
mandate how Chromium web browsers behave. Maria reported what happened
in his Edge, not Chrome, and he didn't state he tried an incomplete URL (i.e., no https:// prefix). He entered full URLs. I don't get the
insecure nag if I enter https://comcast.net. It's when I enter just "comcast.net" when the insecure nag appears.
You're the first, and, so far, the only one that has noted behavior in
your Chrome (and in your Edge). Thanks for that data point.
Also for me - in The Netherlands - just entering 'comcast.net' works
fine, both in Edge and in Chrome, and redirects to <https://www.xfinity.com/overview>
That's what I expected, too.
- Enter "comcast.net".
- Edge should first try to connect using HTTPS by default (configured to
prefer HTTPS).
- Edge sees the site has a cert.
- The web session proceeds without incident.
That's why when I saw different behavior than expected that I got
curious. I watched TCPview. Edge did not connect to the site before announcing its insecure nag. It was bitching about my incomplete URL
syntax which I expected Edge to complete.
I don't have Chrome. What version of Edge are you using? Mine is 143.0.3650.139.
Edge is presenting the following message before it even attempts to
establish a connection:
comcast.net doesnrCOt support a secure connection with HTTPS
I'm using Comcast as an example. I load Edge which opens a new tab to about:blank. I enter into the address bar:
comcast.net
Notice I did not specify http:// or https:// for the protocol. The web browser figures that out when it attempts to make a connection.
However, it seems Edge is bitching before it even makes a connection.
It doesn't like when I do not specify the protocol, and it displays a
bogus message. If I add https://, or use a bookmark to the site which
also has https://, Edge doesn't bitch about an insecure connection,
because it started with a URI that specifies the protocol.
After entering comcast.net into the address bar and getting the bogus non-secure warning, I click on "Continue to site". After continuing,
Edge then establishes a connection, and then it realizes the site does
have a valid certificate, and connects using HTTPS.
Many sites have HTTP connections that will redirect to HTTPS, but that
is after the initial HTTP connection. For this "doesn't support a
secure connection" warning, however, Edge has not connected to the site.
It presumes from the URL sans protocol that the site is insecure.
Any way to either stall Edge to wait until it connects to see what type
of connection the site will initiate (whether it starts with HTTP or
HTTPS), or to configure Edge to stop this bogus whining about insecure
sites that haven't had a chance to present a certificate? Don't use
what the user entered. The URI protocol will be required every time to
make a connection, but the web browser without hint from the URL should
try HTTP to see if HTTPS is accepted.
In Edge, there is the "Automatically switch to more secure connections
with Automatic HTTPS". Doesn't matter whether disabled or enabled.
Edge still bitches about an insecure that is secure.
I should not have to add the URI protocol (http:// or https://) when
manually inputting the URL in the address bar. The web browser should
figure that out by first trying HTTPS. If that fails, and the web
browser has to fallback to HTTP, *then* the web browser should warn the connect is insecure.
For those using something other than Edge, like Chrome, or Firefox, and
after you enter just "comcast.net" into the address and hit Enter, do
those web browser also puke out "this site is insecure" warning even
when the site really is secure?
No, Mark Lloyd tried Chrome before I posted (but he did not
specifically say that he *only* entered 'comcast.net'), that's why I
said "As others also reported":
[...]--
| Sysop: | Amessyroom |
|---|---|
| Location: | Fayetteville, NC |
| Users: | 54 |
| Nodes: | 6 (0 / 6) |
| Uptime: | 15:54:25 |
| Calls: | 742 |
| Files: | 1,218 |
| D/L today: |
3 files (2,681K bytes) |
| Messages: | 184,205 |
| Posted today: | 1 |