[Addon] HTTP Nowhere #188
Comments
If this is the case, I think we shouldn't recommend it. I'm sure the world isn't ready for this yet :) |
|
I'd like to post a recent problem on Soundcloud: If a CDN Provider fails to flush its cache, the problem may still persist. |
|
HTTP Nowhere haven't been updated for a while already ( Maybe, that feature should be mentioned in readme instead of adding the notion of yet another addon? Especially given that HTTPS Everywhere is already recommended there. :)
|
|
On the second thought, I haven't found the manual whitelisting in HTTPS Everywhere, that's my bad. |
|
@Atavic I'm not sure they're working with "block all unencrypted requests", as I haven't tested it. Also, having a nice UI to edit the rules in-place, (like So, that's why I'm not entirely sure you can replace HTTP Nowhere with HTTPS Everywhere at this point. |
|
After some testing, HTTPS Everywhere's This solves the problem for me and is preferable to HTTP Nowhere (1 less addon, same results + no apparent OCSP problems). |
Would https://addons.mozilla.org/en-US/firefox/addon/http-nowhere/ be worth mentioning on the README? It blocks all connections not made over HTTPS. There is also an option to try forcing HTTPS when the site presents itself over a plaintext connection (similar to SMart HTTPS #187 (comment)), and a manual whitelist.
It does break a lot of websites which is expected since many hosts are not configured for SSL/TLS.
It does exactly what it says, block HTTP traffic.
Only major problem I found: it blocks connections to OCSP servers, which in turn also causes HTTPS connections to error. You have to manually whitelist them. In that regard #73 could be useful, I did not go this far.
https://github.com/cwilper/http-nowhere/ has some info.
The text was updated successfully, but these errors were encountered: