I used to frequently boot up my SGI and NeXT and try random sites with super old browsers to see if they still work. Sadly SSL everywhere has largely killed that experiment.
You could rig up a proxy that turns HTTP requests into HTTPS (when needed) and also rewrites `https:` scheme URLs in HTML to `http:`.
If your vintage browsers support some old JS, you could also have the proxy to do a a very simple kludge to patch JS going through it to fix some URLS, but not all (because The Halting Problem).
Bonus of a transforming proxy: if there are bad known vulnerabilities in some vintage browsers that can't be fixed, the proxy might be able to filter at least some exploits. (But you might not tackle cross-origin vulnerabilities in any case, so keep that in mind.)
I still run HTTP on my sites, preceisely for that reason. If you're ever in that mood again, please have a browse and let me know how it goes. I have tested for compatibility back to Netscape 2.0 and IE 3.0, and only HTTP/1.1 is currently supported, but it may improve in the future.
Agreed. I would still use my old Nokia N900, but its browser can't deal with what it sees as all the expired SSL certs... so that phone's become primarily a small digital music player.
Wouldn't it be possible to import the new certs? It's a debian base so I think you could just download the ca-certificates package from the debian website and dpkg -i the file.
If your vintage browsers support some old JS, you could also have the proxy to do a a very simple kludge to patch JS going through it to fix some URLS, but not all (because The Halting Problem).
Bonus of a transforming proxy: if there are bad known vulnerabilities in some vintage browsers that can't be fixed, the proxy might be able to filter at least some exploits. (But you might not tackle cross-origin vulnerabilities in any case, so keep that in mind.)