extension ExtPose

HTTPS Somewhere

Description from extension meta

Redirect HTTP to HTTPS with user defined rules.

Image from store HTTPS Somewhere
Description from store [Notice: in alpha state] If you like to look under the hood, writing some regular expression, or want a safer way to prevent massive XSS attack utilizing TLS or SSL encryption. HTTPS Somewhere will not let you disappointed. It is another HTTPS redirection extension that do exactly what you want. (See screenshot for better idea.) What make HTTPS Somewhere different from HTTPS Everywhere? - Encrypt what matter rather than attempt to encrypt many websites as possible. - Works with resources and elements even on the webpages that not secure.* - You take full control of the redirection with more advance user interface. - Take advantage from powerful regular expression you can define any pattern you can imagined. - Works completely in the background no icon added to the toolbar. - HTTPS Somewhere will never break any website without your consent. - It doesn't try to outsmart you. Some limitations: - Relatively difficult compared to HTTPS Everywhere. - Can't redirect to different hostname. How to use? - Check "Options" link in chrome://extensions/ * Why this matter? Why make some resources secure despite that the page itself is not? It doesn't make anything more secure, does it? There is a case in Thailand where an attacker exploit caching server of certain ISP. (Probably related to DNS and weird caching behavior. The details never made public and the case was denied by the ISP. However, this case affect millions of endpoints leaving lots of eye witness.) The attacker focus on Google's services included (but not limited to) Google Analytic and Google Ads. Result in massive and largest scale javascript injection I ever see in my life. (My estimation of the revenue the attacker gain from this one attack is at least 6 figures USD. The attack last for months because it is highly inconsistent.) So yeah in theory this probably wont gain any security to any page or prevent Eve to do bad things but in practical it does prevent some attack vector.

Latest reviews

  • (2018-03-31) Melih Taş: Works as described and does it perfectly.
  • (2018-02-15) Samuel Martin: I feel safe and secure.+
  • (2016-12-09) Rehankk Rehankk: nice
  • (2015-11-30) Arseniy P: добавил правило www.youtube.com нормальное. комментировать без перезагрузки могу теперь!
  • (2015-07-12) Jason Cady: Very useful when combined with HTTPS Finder. Hopefully someday the other extension will get a way to deal with false positives.
  • (2014-09-16) Solano Felicio: Finalmente uma extensão que checa a URL e redireciona ANTES de carregar. Needs a button, but excellent job.

Latest issues

  • (2015-08-28, v:0.0.1) Sergei Baranov: Doesn't seem to work anymore
    Using the latest Chrome beta it has stopped working. On youtube.com the page opens as http. It worked before redirecting to HTTPS. Not sure what's causing it.

Statistics

Installs
613 history
Category
Rating
4.4545 (11 votes)
Last update / version
2014-09-08 / 0.0.1
Listing languages

Links