If I want to go to facebook, all I need to write in the address bar is "facebook.com", but the displayed address is "https://www.facebook.com/". A naive user would believe that they need to write the entire "https://www.facebook.com/" instead of just the short version to navigate to facebook, which is too cumbersome for them so they just use google search to find it instead.
That is site-specific behavior. It depends on a redirect from http://facebook.com/ to https://www.facebook.com/ which may not exist for all sites. If the user wants to end up at the proper page without risking an insecure redirect over HTTP then they do need to type the entire URL.
I would support making HTTPS the default when a URL fragment is entered without an explicit scheme, and site operators should just drop the obsolete www domain name prefix. However, the browser should not be masking the full name of the site you're visiting. At the very least it should verify that www.example.com and example.com resolve to the same IP address(es) and use the same TLS certificate before presenting them as equivalent, though that still doesn't guarantee that they have the same content.
