Skip to content
This repository has been archived by the owner on Nov 6, 2023. It is now read-only.

Feature wish: Rewrite hardcoded HTTP-Links to HTTPS on knowlingly (by URL) HTTPS-enabled sites within the same domain if no explicit rule exists #2017

Closed
foobar13373 opened this issue Jun 28, 2015 · 3 comments

Comments

@foobar13373
Copy link

I know a lot of sites that actually support HTTPS (everything works fine when you manually enter "https://" on any URL), but have hardcoded HTTP-Links in them. So they switch to unencrypted, even though encrypted would work.

In this case I surely have the option to write or submit my own rules, but not everyone is knowledgable enough or does not have enough time to do that.

It would be great if HTTPS-Everywhere had some kind of autodetection of unneccessary HTTPS->HTTP links within the same domain if no explicit rule exists.

Example:
I have a bookmark to the fully working, encrypted https://site.example.com/index.php and this page has a link that leads to http://site.example.com/subpage.php. Now, sadly site.example.com has no HTTPS-E rule (yet) and I do not know how to create one. It would be nice if HTTPS-E could fix this for me, by auto-rewrite such links to the https-version (the condition would be: "I have no explicit rule, but I know from the URL that https is possible on this domain").

This feature should be toggable, of course, to allow unbreaking sites that may introduce problems.

@foobar13373 foobar13373 changed the title Feature wish: Rewrite hardcoded HTTP-Links to HTTPS on HTTPS-enabled sites within the same domain Feature wish: Rewrite hardcoded HTTP-Links to HTTPS on HTTPS-enabled sites within the same domain if no explicit rule exists Jun 28, 2015
@foobar13373 foobar13373 changed the title Feature wish: Rewrite hardcoded HTTP-Links to HTTPS on HTTPS-enabled sites within the same domain if no explicit rule exists Feature wish: Rewrite hardcoded HTTP-Links to HTTPS on knowlingly (by URL) HTTPS-enabled sites within the same domain if no explicit rule exists Jun 28, 2015
@fuglede
Copy link
Contributor

fuglede commented Jun 28, 2015

Perhaps a bit off-topic but there is an extension called https-finder which does, among other things, what you're asking.

@KommX
Copy link
Contributor

KommX commented Jul 1, 2015

Unfortunately https-finder is only available for Firefox and hasn't been updated in years.

@jsha
Copy link
Member

jsha commented Jul 1, 2015

This is an interesting idea! But I think it adds a lot of complexity to the code base for a feature that would have to be default-off due to the potential for breakage. Instead, I would like to make it much easier to create a local ruleset in Firefox, similar to how you can create on in Chrome (An "add this site" option under the HTTPS Everywhere menu). Related to #1681.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants