Brian, you are correct: Currently in both Chrome and Firefox, neither HSTS nor HTTPS Everywhere can "fix up" active mixed content. The blocking happens before either mechanism has a chance to rewrite the URLs.
Here are the relevant tickets to allow HTTPS Everywhere to do the rewrite, please star / vote for them: https://code.google.com/p/chromium/issues/detail?id=122548 https://bugzilla.mozilla.org/show_bug.cgi?id=878890 _______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
