Scott Bennett writes: > What seems to be missing from this discussion is the fact that NoScript > already supports forcing HTTPS on a site-by-site or pattern basis. You > should be using NoScript already if you use Firefox, so just tell it what > to do.
There's one piece of additional functionality that was added in HTTPS Everywhere that can be important for these sites. Although NoScript lets you use regular expressions to choose which URLs within a site get converted to HTTPS, NoScript doesn't let you rewrite _the URL itself_, which HTTPS Everywhere does (also using regular expression substitutions). For example, the current alpha version of HTTPS Everywhere correctly handles Wikipedia rewrites like http://en.wikipedia.org/wiki/Security --> https://secure.wikimedia.org/wikipedia/en/wiki/Security http://de.wikipedia.org/wiki/Sicherheit --> https://secure.wikimedia.org/wikipedia/de/wiki/Sicherheit http://pt.wikipedia.org/wiki/Segurança --> https://secure.wikimedia.org/wikipedia/pt/wiki/Segurança It's certainly annoying that Wikimedia doesn't let you use HTTPS directly this way, but given the status quo, HTTPS Everywhere can address this. -- Seth Schoen Senior Staff Technologist [email protected] Electronic Frontier Foundation http://www.eff.org/ 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
