Re: HTTPS Everywhere Firefox addon

[Seth David Schoen <schoen@xxxxxxx>]

Scott Bennett writes:

>      What seems to be missing from this discussion is the fact that NoScript
> already supports forcing HTTPS on a site-by-site or pattern basis.  You
> should be using NoScript already if you use Firefox, so just tell it what
> to do.

There's one piece of additional functionality that was added in
HTTPS Everywhere that can be important for these sites.  Although
NoScript lets you use regular expressions to choose which URLs
within a site get converted to HTTPS, NoScript doesn't let you
rewrite _the URL itself_, which HTTPS Everywhere does (also
using regular expression substitutions).  For example, the
current alpha version of HTTPS Everywhere correctly handles
Wikipedia rewrites like

http://en.wikipedia.org/wiki/Security
 --> https://secure.wikimedia.org/wikipedia/en/wiki/Security

http://de.wikipedia.org/wiki/Sicherheit
 --> https://secure.wikimedia.org/wikipedia/de/wiki/Sicherheit

http://pt.wikipedia.org/wiki/Segurança
 --> https://secure.wikimedia.org/wikipedia/pt/wiki/Segurança

It's certainly annoying that Wikimedia doesn't let you use
HTTPS directly this way, but given the status quo, HTTPS
Everywhere can address this.

-- 
Seth Schoen
Senior Staff Technologist                         schoen@xxxxxxx
Electronic Frontier Foundation                    http://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110     +1 415 436 9333 x107
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/