Firefox makes unencrypted HTTP requests through network.captive-portal-service, which allows MITM and ISP manipulation of the connection, leading to malicious attacks.
The attack was reported in 2 different tickets:
- MITM Attack:
- Malicious ISP http Manipulation Attack:
And if you read their comments, they prefer convenience over security. So in this case, as a user, you have one choice, which is fuck FF developers and close that by yourself by going to:
about:config
Then search for:
network.captive-portal-service.enabled
Switch the value from true to false by double-clicking on it.
Note: This only affects FF, but NOT TBB, because it's disabled by default there.
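To confirm the change stuck across profiles, the following added example (not part of the original post) reads a profile's prefs.js and user.js and reports the effective state of network.captive-portal-service.enabled. The profile directory is supplied by the caller, the function names are made up for this example, and the sample file contents are constructed.

```python
import re
from pathlib import Path

PREF = "network.captive-portal-service.enabled"
# Matches lines such as: user_pref("name", false);  (commented-out lines do not match)
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')

def read_prefs(text):
    """Return {name: raw_value} for every user_pref() line; later lines win."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if m:
            prefs[m.group(1)] = m.group(2)
    return prefs

def captive_portal_state(prefs_js="", user_js=""):
    """Effective state for one profile: 'disabled', 'enabled' or 'default'."""
    merged = read_prefs(prefs_js)
    merged.update(read_prefs(user_js))  # user.js is applied over prefs.js at startup
    raw = merged.get(PREF)
    if raw is None:
        return "default"  # never changed; the post describes the starting value as true
    return "disabled" if raw == "false" else "enabled"

def audit_profile(profile_dir):
    """Read prefs.js and user.js from a profile directory (missing files are fine)."""
    def load(name):
        p = Path(profile_dir) / name
        return p.read_text(encoding="utf-8", errors="replace") if p.is_file() else ""
    return captive_portal_state(load("prefs.js"), load("user.js"))

# Constructed sample file contents, not taken from a real profile.
SAMPLE_PREFS_JS = '''// Mozilla User Preferences
user_pref("browser.startup.page", 3);
user_pref("network.captive-portal-service.enabled", false);
'''
SAMPLE_USER_JS = 'user_pref("network.captive-portal-service.enabled", true);\n'

if __name__ == "__main__":
    import sys
    for d in sys.argv[1:]:  # pass one or more profile directories
        print(d, audit_profile(d))
```

A result of "enabled" with a prefs.js that says false means a user.js in that profile is turning the service back on at every start.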