There was a mild uproar recently about Firefox adding a feature that could allow mozilla to push out extension blacklists or something, or disable extensions entirely for a specific site (for "security" of course). I'd read the details but all I have is a reddit link and all the libreddit instances are ratelimited rn: r/MozillaInAction/comments/14rt5jx/firefox_115_can_silently_remotely_disable_my/
so I just saw an HSTS popup and was reminded: there's already a sorta analagous feature that restrict's the user's ability to make their own decisions on privacy/security matters: HSTS. It prevents users from loading a page without working HTTPS even if they want to take that risk, and it is controlled by the site owner entirely, the user has no say.
Shoulda gone with PCI-X!
But actually this is just a joke about Blanchard