Open jgmoss opened 8 years ago
At the moment, the add-on only changes the default in the location bar. Nothing else is modified, but I've previously expressed interest in forcing everything to be https unless stated otherwise (that might break some websites though, so I haven't implemented it yet).
The good news is that http in https sites can be blocked. Active content such as scripts are blocked by default, images are enabled by default but you can also block them.
Go to about:config
, search for mixed_content
, and make sure that the following are set to true
:
security.mixed_content.block_active_content
security.mixed_content.block_display_content
In Chrome, mixed content is
+1 for an ext that redirects to HTTPS if available - and to HTTP if not availabe - of any url.
+1 for an ext that redirects to HTTPS if available - and to HTTP if not availabe - of any url.
Smart HTTPS (revived) might be what you are looking for.
Does this add-on convert third-party domains to HTTPS as well? For instance, if I visit a site and calls are made to another domain, are those requests also HTTPS?