Clicking Address in Address Bar and Hitting Enter Navigates to HTTP, when on HTTPS page

Description of the issue:
When you click on the address in the address bar, and hit enter, it navigates to HTTP instead of HTTPS - even when on an HTTPS page. This is unexpected, because it appears that every time you hit ctrl+R to refresh, it loads HTTPS, not HTTP.

Steps to Reproduce:

  1. Launch Brave
  2. Visit any website, like (they will redirect you to HTTPS)
  3. Hit ctrl+shft+I to open the dev tools
  4. Go to the Network tab, and clear it
  5. Click on the Address bar, and hit enter
  6. See that the first request in the network tab is HTTP, not HTTPS

Expected Result:
The request should go to HTTPS, since if you copy the URL, you copy HTTPS, and if you hit ctrl+R, it refreshes HTTPS.

Reproduces how often:

Version Info:
Brave Version: 1.2.43
Chromium: 79.0.3945.130 (Official Build) (64-bit)

Reproducible on current live release:

Additional information:
Using Windows 10 on a Samsung laptop.

I consider the severity of this issue to be minor, since the issue can be redirected by Web Masters/Developers.

It did cause me some confusion, but now I understand these things better, so it was a good learning experience.

However, if the Web Master/Developer doesn’t handle this situation, and the planets align just right, it could potentially unmask login credentials somewhere out there in the world.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.