Description of the issue:
Unable to browse non-https websites. Brave forces all sites to HTTPS, despite being set to off in Shields and Privacy and Security settings.
How can this issue be reproduced?
Make sure my brave://settings/shields Upgrade connections to HTTPS is set to false.
Make sure my brave://settings/security always use secure connections is set to false.
Description: An exception occurred while processing your request. Additionally, another exception occurred while executing the custom error page for the first exception. The request has been terminated.
I don’t think it’s strictly an HTTP vs. HTTPS issue, because https://portal.sdi.edu/cmcportal/ works (and is where you get redirected by the first link).
But there is definitely some funny business going on after that first redirect. When Brave tries to hit the above URL it gets a 302 response code, whereas Firefox gets a 200 and then continues on its way.
Wonder if they might be doing some User-Agent filtering, or maybe their JavaScript is broken in some way. Can look some more later if nobody beats me to it.
I’ve gotten similar/same results from other sites, though I can’t remember which. I am using a VPN, so I wonder if the destination is throwing an error because of that.
There could be filtering by source IP but I see the same results here off-VPN. TBH it’s probably some broken parsing in their JavaScript, maybe they can fix it on their end, do you have a way of raising it with them?
It’s a school I’m attempting to enroll in. I don’t really have access to their IT department, and don’t think I could describe the problem well enough to faculty or advisors for them to get it fixed. I’ll see if I can get somebody spun up enough to get their IT department to contact me.
I appreciate you alleviating my concerns that it was just Brave. I don’t know why it works instantly on my phone, but I’ll see what I can get done.
Yeah, same happened to me. But then if I clear ‘data’ for the site, it reverts to failing again.
I am thinking with Shields down it probably is allowing a cookie to get set (that isn’t allowed with them up), and thereafter if the site finds that cookie it allows the connection. Then blowing away site data starts it all over again.