From e5608a090bf44d8d03e2731993bb0668fa4869cb Mon Sep 17 00:00:00 2001
From: yokoffing <11689349+yokoffing@users.noreply.github.com>
Date: Thu, 12 Sep 2024 14:38:39 -0400
Subject: [PATCH] Updated Optional Hardening (markdown)
---
Optional-Hardening.md | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/Optional-Hardening.md b/Optional-Hardening.md
index 1f95bce..df48687 100644
--- a/Optional-Hardening.md
+++ b/Optional-Hardening.md
@@ -55,12 +55,10 @@ user_pref("urlclassifier.features.socialtracking.skipURLs", "");
***
### HTTPS-Only Mode
-Betterfox already [blocks](https://github.com/yokoffing/Betterfox/blob/df5fc26a1bdccd30e01f3c1dfe69a09a2c050410/Securefox.js#L810-L827) HTTP subresources from loading on HTTPS pages and [attempts to upgrade](https://github.com/yokoffing/Betterfox/blob/df5fc26a1bdccd30e01f3c1dfe69a09a2c050410/Securefox.js#L545-L550) HTTP site navigation to HTTPS.
+Betterfox already [blocks](https://github.com/yokoffing/Betterfox/blob/df5fc26a1bdccd30e01f3c1dfe69a09a2c050410/Securefox.js#L810-L827) HTTP subresources from loading on HTTPS pages. We also [attempt to upgrade](https://github.com/yokoffing/Betterfox/blob/df5fc26a1bdccd30e01f3c1dfe69a09a2c050410/Securefox.js#L545-L550) all site navigation, only falling back to insecure connections when a website does not support it.
-> [!NOTE]
-> HTTPS doesn't mean "trust this." It means "this is private."
-> You may be having a private conversation with Satan.
-> — [Scott Hanselman](https://www.hanselman.com/blog/how-do-we-know-if-mobile-apps-are-secure)
+> [!WARNING]
+> HTTPS-Only Mode sometimes causes annoying navigational errors when using DoH.
#### Option 1: Private windows only
Firefox will get explicit permission from you before connecting to a site insecurely in [Private Browsing](https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history) (Firefox [incognito mode](https://support.mozilla.org/en-US/kb/common-myths-about-private-browsing)).
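Review bot: The rewritten intro sentence drops "HTTP" and "to HTTPS", so "attempt to upgrade all site navigation" no longer says what is upgraded to what, and "does not support it" has no antecedent. Suggest "attempt to upgrade all HTTP site navigation to HTTPS, only falling back to insecure connections when a website does not support HTTPS". Since that fallback is exactly what the options below remove, it is worth stating here that the fallback happens without a prompt, if that is the case. The new WARNING is also too vague to act on: "annoying navigational errors when using DoH" does not say what the user will see or what to do about it. Name the symptom and point to a remedy, for example a link to the Secure DNS section that follows.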
@@ -82,6 +80,11 @@ user_pref("dom.security.https_only_mode", true);
user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
```
+> [!NOTE]
+> HTTPS doesn't mean "trust this." It means "this is private."
+> You may be having a private conversation with Satan.
+> — [Scott Hanselman](https://www.hanselman.com/blog/how-do-we-know-if-mobile-apps-are-secure)
+
***
### Secure DNS
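Review bot: The relocated NOTE now lands directly after the closing fence of the last pref block in the section, so it reads as a caveat on that one option rather than on HTTPS-Only Mode as a whole. Consider keeping it next to the section intro, or adding a short lead-in so its scope is clear. Separately, the attribution line follows the quote with no blank `>` line between them, so depending on the renderer it can fold into the same paragraph as the quote. A bare `>` line before the attribution would keep it on its own line.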