Encrypted search is now used throughout the browser
Mozilla has confirmed that it has made the switch to HTTPS Google Search in Firefox. The switch is active in the Aurora channel for now, where Firefox 14 currently resides, but it will make its way up the tiers in the coming weeks.The idea has been around for years, but it has only become feasible in the last few months, after Google switched most of its user base to the SSL version of its search engine, by default.
Now, Firefox 14 Aurora uses SSL Search in the search box, the AwesomeBar, or the right-click context menu search.
The switch has some obvious privacy and security advantages, so it's hard to argue against it, but there are some disadvantages, like the lack of referral information, which may be a boon if you value your privacy, but a bad idea if you're running a site dependent on Google Search, which is pretty much any site on the planet.
"In Aurora when you search using the location bar, search box, or the right-click menu, your search will be sent to Google through a secure (HTTPS) connection. You won’t notice a difference in how you search, but your Google search suggestions and search results will be presented through a secure web site," Mozilla's Sid Stamm explained.
"Enabling HTTPS for these searches shields our users from network infrastructure that may be gathering data about the users or modifying/censoring their search results. Additionally, using HTTPS helps providers like Google remove information from the referrer string," he said, trying to explain the main advantages.
Technically, the switch wasn't too complicated, Mozilla waited until Google was ok with using the SSL version of the search API. With Google having tested SSL Search in scale with the global roll out late last year, there were no worries that the influx of searches from Firefox would flood the system.
Mozilla underlines the fact that SSL Google Search doesn't provide referral info, so sites you land on won't know what you searched for. That may prove to be a good idea, but the web has always relied on this info being available.
What's more, it is the browser that passes the referrer info to any sites you visit, so Mozilla could remove all this info on any site if it really wanted, it doesn't need Google for that. Doing so would break a lot of sites though and it's not something that Mozilla is thinking about (hopefully) even in the name of privacy.