In the nightly builds of Firefox, on the basis of which the release of Firefox 5 will be formed on May 76, optional work "HTTPS Only", when enabled, all calls made without encryption will be automatically redirected to secure page options ("http://" to "https://"). To enable the mode, the "dom.security.https_only_mode" setting has been added to about:config.
The replacement will be made both at the level of resources loaded on the pages, and when you enter it in the address bar. The new regime decides with the default opening of pages using "http://", without the ability to change this behavior. Despite a lot of work to promote HTTPS in browsers, when typing a domain in the address bar without specifying a protocol, "http://" is still used by default. The proposed setting changes this behavior and also enables automatic replacement with "https://" when explicitly entering an address with "http://".
If accessing primary pages (entering a domain in the address bar) via https:// ends with a timeout, the user will be shown an error page with a button to make a request via http://. In case of failures when loading on "https://" subresources loaded during page processing, such failures will be ignored, but warnings will be displayed in the web console, which can be viewed through the web developer tools.
Chrome also to block insecure loading of subresources. For example, in the release of Chrome 81, a new mixed media loading protection mode was expected to be activated (when resources are loaded using the http:// protocol on an HTTPS page). Pages opened via HTTPS will automatically replace "http://" links with "https://" when loading images (Chrome 80 added a replacement for scripts, iframes, sound and video files). Future releases of Chrome will also switch to blocking file downloads via HTTP.
Source: opennet.ru