Most sites on today's Internet support HTTPS and are configured to use HTTPS when a user connects to the site without specifying a protocol (e.g. only typing ghacks.net in the address bar and not https://www.ghacks.net/).
Web browsers, with a few notable exceptions such as Tor Browser, don't try to upgrade connections from HTTP to HTTPS automatically. If you click on a HTTP link in an old article, probably published before the migration to HTTPS began, you may end up loading the resource using HTTP; this won't happen if the site migrated to HTTPS fully, but will happen if it has not migrated at all or supports both HTTP and HTTPS.
Extensions like HTTPS Everywhere upgrade connection requests automatically if the site is in a database of sites that support HTTPS. Search engine DuckDuckGo launched a new feature called Smarter Encryption in its applications and extensions recently that upgrades connections to HTTPS automatically based on search engine data.
HTTPZ is a Firefox extension that upgrades HTTP connections as well. It does not rely on a database of sites that support HTTPS though; the extension tries to upgrade the connection to HTTPS automatically and will revert back to HTTP if the HTTPS connection throws an error.
One of the great strengths of HTTPZ is the extension's rich feature set. You may want to check the options that it provides right after installation to adjust them according to your needs.
Here is a quick overview of what is provided:
You find import and export options in the settings as well; useful to export settings and import then into other Firefox profiles.
HTTPZ has two limitations currently. The main one limits upgrades to the site that is accessed by the user, e.g. through links. The extension does not attempt to upgrade sub-resources, e.g. elements loaded by a HTTPS site.
The second issue is purely cosmetic; If an upgrade to HTTPS fails, Firefox wants to display an error message that describes what happened. HTTPZ does not wait for the error message to load but will retry the request using HTTP (which you can disable in the settings).
HTTPZ is a powerful extension for Firefox that upgrades HTTP site requests to HTTPS automatically. It features a whitelist and ignore list, and options to make rules more or less tight.
One downside is that it ignores sub-resources which may lead to mixed content warnings in Firefox.
Now You: how do you handle sites that still use HTTP?Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.