True, I'm not surprised at all. HTTPS Everywhere-like functionality should be in... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

johannh on Nov 26, 2014 | parent | context | favorite | on: Why HTTPS Everywhere isn't on addons.mozilla.org

True, I'm not surprised at all. HTTPS Everywhere-like functionality should be integrated into browsers and not a downloadable extra, tricking people into feeling fully secured.

toomuchtodo on Nov 26, 2014 [–]

While not "everywhere"...

Force SSL only: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

Have site preloaded in Chrome: https://hstspreload.appspot.com

mbrubeck on Nov 26, 2014 | [–]

Firefox also has a built-in HSTS preload list, which I believe uses the Chrome list as one of its inputs: https://blog.mozilla.org/security/2012/11/01/preloading-hsts...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact