HTTPS Everywhere 1.0 For Firefox Released
I reviewed one of the first versions of HTTPS Everywhere for the Firefox web browser back in the middle of 2010.
The Firefox extension, which forced https connections to a handful of supported web pages, has come a long way since then.
The developers today have announced the release of HTTPS Everywhere 1.0 which includes support for over 1,000 web sites. Among the supported websites are previously supported sites like Google Search, Facebook or Wikipedia, and new services and pages like all WordPress.com blogs, Nintendo, Netflix, Dropbox or the UN website.
The extension is useful in situations where websites support both the http and https protocol without a clear distinction between the two protocols, or options to always use https when a user is connecting to the website.
HTTPS Everywhere ensures that https is always used when connecting to one of the supported properties. Connections that are initiated by the user via http are automatically switched over to https in that case.
The add-on options list all supported websites and services. It offers a search to find a specific site and a switch to enable or disable the https redirection.
Web users who know their way around regular expressions can even create their own rulesets to add support for websites and services that are not included in the default site listing.
New users to HTTPS Everywhere should take a look at the extensive FAQ section at the development site over at EFF.org for detailed information about the add-on and how it protects the user.
It may happen that HTTPS Everywhere breaks some part of a website, which can usually be attributed to inconsistent support for HTTPS on those sites. The only option then is to disable the rule and report the problem to the company or individual running the website.
HTTPS Everywhere can be installed directly from the EFF website. Cautious users can look at the source code of the project which is also available on the project site. (via)
I have HTTPS Everywhere, but cannot for the life of me remember installing it! Anyway I have encountered 1 problem and HTTPS Everywhere was the reason.. On the Flickr photo website there is the option to view photos via what Flickr call ‘Sildeshow’ HTTPS Everywhere prevents this function from working, (all you get is a black screen) it’s taken me a couple of days to figure out what suddenly stopped this feature on Flickr to function.
I now view flickr non HTTPS.
The only thing which bothers me with forced https is the consequence on some css or java scripts which then need to be customized (though more and more of these anticipate https). Otherwise (my laziness apart), great project.
Why HTTPS Everywhere is not on addons.mozilla.org ? Is there some rule that this extension violates? Is it really secure?
according to https://www.eff.org/https-everywhere/faq/
Q. Why isn’t HTTPS Everywhere available for download from addons.mozilla.org like most other Firefox add-ons?
A. We felt that the Mozilla privacy policy that applies to downloads from addons.mozilla.org is somewhat less protective than the privacy policies of the organizations that develop HTTPS Everywhere, and we prefer for HTTPS Everywhere users to be protected by our privacy policy. This decision could change in the future as Mozilla’s privacy practices evolve or as we re-examine the details of the current Mozilla policy.