Closed GoogleCodeExporter closed 8 years ago
I think that this may be the the same as my post "Need Ability To White List.."
While White listing may be self defeating it would at least allow the user the
option to fully utilize the website that has a HTTPS URL and a unencrypted
connection.
As it stands now if a website has a top domain HTTPS URL and an unencrypted
connection within the website you can fully utilize the website if you are
using HTTPS Finder because as it is designed to do HTTPS Finder will force a
connection to a top level Domain with a HTTPS URL if it finds one. So once
there if all the connection on the entire website are not encrypted you can not
use both HTTPS Finder and all the features of the website.
This is a great limitation on wanting to use HTTPS Finder. No one wants to be
forced to secure top level domain and then not to be able to fully utilize all
the webpages and features within that website.
Having been a Systems Analyst, Designer and Implementer for over 30 years
before retiring I would consider this problem a major bug in the software.
As much as I love the concept of this software unless this problem is resolved
the headache of using this addon is not worth the gain.
Using HTTPS Everywhere along with Google searches can find me HTTPS top
domains. Firefox will still give me the warning when I am about to go over an
unencrypted connection within a Secure domain and then I can make the choice to
proceed or not. However if I proceed to use the unencrypted connection of my
own choice then I will be able to to. Whereas with HTTPS Finder in its current
design I cannot because it will force be back to the HTTPS URL.
So it comes down to deciding which is more trouble.
Using HTTPS Everywhere and Google to find me and get me to HTTPS domains or be
forced there with HTTPS Finder and then having less than a 100% use of the
website do to this problem?
cheers.
Not edited.
Original comment by CA.Liber...@gmail.com
on 20 Mar 2011 at 4:50
I agree completely, however the bug you're mentioning is only present if the
"auto-forward" is turned on. Otherwise it will alert you that HTTPS is there,
but it won't forward without your explicit permission.
The next version of HTTPS Finder has url parsing that should work for creating
HTTPS Everywhere rules for any top level domain (It's already done actually),
so really people should be using it to make rules that HTTPS Everywhere will
enforce. After that I'll continue to work on the whitelist and better HTTPS
enforcement during a session, but the original intent of this extension was to
augment HTTPS Everywhere.
This is only the second experimental release of HTTPS Finder also, so I'm still
implementing a lot of these abilities.
Thanks for the post!
Original comment by jacobsK...@gmail.com
on 20 Mar 2011 at 5:04
Original comment by jacobsK...@gmail.com
on 13 Apr 2011 at 4:32
Original issue reported on code.google.com by
jacobsK...@gmail.com
on 17 Feb 2011 at 11:14