Venting frustration over browsers babysitting my grown-up arse into oblivion

Good evening guys. This post is going to be something of a rant, but it’s borne out of frustration over a recent problem I’ve had with browsers. If you have a solution for it, by all means, save me from having to go on a murderous rampage that would devastate the community of web browser programmers.

Here’s the situation : I have a big box of ESP8266 modules that I have no real use for. Looking for something to do with them, I decided to try MicroPython, which has very good support for that chip. And indeed it does, I was up and running within an hour. Awesome little project, if you have an ESP8266 lying around, it’s worth checking out.

After an hour of burning firmware via USB VCP and toying with PuTTY, I had already managed to setup automatic connection to my LAN and was ready to try WebREPL : a tool that lets you access your chip’s Python prompt from a web browser. The ESP8266 is a very very tiny chip, however, and it appears this can’t work over HTTPS, you need to open the client using an http:// URL

That’s when every single browser I have went :


And insisted on adding that fricking “s” at the end of http, thus ruining my fun, and then my mood.

I’m old-school, see. I like my computers to do exactly what I tell them, how I tell them. If you’re going to offer me some sort of automation, it better come with an easy-to-find switch for me to gleefully turn off.

Except whatever breed of deranged lunatic is coding browsers appears to have unanimously decided that no one on Earth can be trusted with accessing whatever URL they want to access.

I’ve tried every browser an iPad will run that has a recognizable brand name (Safari, Chrome, Mozilla and even Edge, FFS…) and they all redirect me to HTTPS.

I’ve tried Chrome on Windows, no joy either.

No setting anywhere that has any impact on that creepy behavior.

Unbelievably, it’s only Edge on Windows that finally let me access an HTTP URL. I mean what kind of Mickey Mouse PoS internet are we living on where Microsoft Edge is your best and only choice to get shit done ???

Anyway, MicroPython’s WebREPL works beautifully, so it’s a damn shame that I just can’t use it on anything built after the Bronze Age, especially my iPad. I can see so many applications for remotely Pythoning on small devices while on the move…

(Yeah, well, it’s mostly robots… but still, many robots)

If I were to guess, I’d say the absence of a setting to disable “forced HTTPS” comes from the same place as forced Windows updates : too many n00bs and anti-vaxxers (not to use stronger words) getting viruses too easily, resulting in the need to protect users from themselves… at the detriment of people who know what they are doing.

There, rant over, it’s off my chest now and I feel better. This is really annoying… nothing like building a working system in less than hour and then wasting two more just with a browser to make you feel like we’ve failed as a species :scream:

Drama over. The next step is plotting some sort of vengeance…


Did you try Firefox, Vivaldi, Chromium or Brave on windows / linux?

IIRC, ipad / ios browsers are all tied to Safari, and are limited by it.

Just loaded my non - s pihole site in Chromium, and Firefox and Brave, on desktop.
It failed to load on iphone using duckduckgo browser, or firefox app

One webkit to rule them all,
One webkit to find them,
One webkit to bring them all
and in the darkness bind them.”


I forgot I isolated my wifi from the main network.
I can load http only pihole on my iphone with Firefox browser, Brave and Duckduckgo

I just tested this- I can load an http txt file from a local server by IP address and host name. I’m running firefox-esr from debian bullseye (91.6.0). I do recall that I have run into this issue in the past. i think browsers tend to hang onto https preferences.

Don’t pay any attention to the default page content.

1 Like

Thanks guys, it’s been a long Sunday evening and after that browser misbehavior your replies are more than welcome.

The WebREPL client is open source, I’m gonna clone that repo and build my own client as a standalone app. Assuming someone hasn’t done just that already :slight_smile:

I wish you all a good week, and for all your foes, bugs and managers to tremble before you !

fwiw, there are small implementations of TLS that can work on an esp8266 (e.g. mbedTLS, wolfSSL, … ).

… but espressif SDK doesn’t bundle them and neither does micropython …

… and there’s always the alternative approach of running a webserver somewhere else and letting your esp talk either only mqtt or some custom protocol specific to your use case… and you can encrypt that with once off custom encryption.

I think that would be an acceptable solution in some applications I may have. I could keep a Pi Zero W around acting as a bridge between several ESP and a remote application. Just to be clear, I’m not asking to run unencrypted comms over the internet, I’m not really a fan of running naked in the streets. This HTTP problem is just a pain while I’m developing and trying things in my backyard.

Down the line, I’ll definitely implement ad-hoc encryption on the local WLAN portion of an application and rely on that plus SSL for any internet leg of the transmissions. I’m just pissed about being c*ckblocked by a darn browser :sweat_smile:

Which browsers specifically are causing problems?

iOS Safari is definitely willing to load http:// addresses (with a warning in the URL bar), and so is Firefox ESR desktop (unless you have HTTPS-only set to on or have EFF’s HTTPS Everywhere extension installed). I recently broke my Chromium install, so I cannot check that right now, maybe it too added an HTTPS-only setting in recent versions?


Firefox optional HTTPS-only mode:

Chromium defaulting to HTTPS, but not forcing HTTPS if HTTP specifically requested:

Safari desktop has a built-in HTTPS forcing feature, but only for certain domains, according to this post:

Chrome on Windows (up to date) and every single browser on iOS (on an iPad Pro 2020 that is up to date)