SSL only firefox add-on?

Seth David Schoen schoen at eff.org
Fri Jun 18 00:44:55 UTC 2010


judaiko judaiko writes:

> Let me say this first:
> 
> One company had a firewall that blocked all non SSL traffic.
> 
> So if you go https://mail.google.com and you sign in, it will stop you
> at one URL which was not https.
> 
> I am not sure if Gmail still does this i.e. redirect you to non https
> (http) url after login, and then again go into https mode when you
> enter gmail.
> 
> So this firewall used to give error saying not allowed, but when you
> changed it to https, the previous Gmail redirect url worked, and I
> could login to Gmail.
> 
> Now is there an add-on that does this in Firefox?
> 
> Block ALL http traffic by default?

EFF has been working on one called HTTPS Everywhere:

https://www.eff.org/https-everywhere/

There are some subtle issues around situations where a site
supports HTTPS for some resources but not others.  For example,
you can currently use

https://www.google.com/

for encrypted web search, but only the unencrypted form

http://www.google.com/language_tools?hl=en

for translation services.  As a result, HTTPS Everywhere has a
database of rules with exceptions, so that a rule can apply to
only a portion of a site.

This may not do exactly what you want because you might prefer
to block HTTP URLs entirely, rather than allowing them only if
no HTTPS equivalent exists.  You could probably achieve this in
HTTPS Everywhere by adding a local wildcard rule that matches
every HTTP site and redirects it to an intentionally broken
page, such as a URL within your local host.  The means of setting
up your own local rewrite rules are described at

https://www.eff.org/https-everywhere/rulesets

-- 
Seth Schoen
Senior Staff Technologist                         schoen at eff.org
Electronic Frontier Foundation                    http://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110     +1 415 436 9333 x107
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list