On Jun 18, 2010, at 9:28 AM, judaiko judaiko wrote: > I want the HTTP URLs to be blocked entirely, so that it is not passed on to > Tor.
This can be done with foxyproxy and rule based proxy settings > But I still want the HTTP URL to be in the Firefox URL bar, so I can try if > https works (by adding the "s"). > > If it doesn't then I can disable it on that URL. > > However if I redirect it to a page on my local host, won't it come like this > in the Firefox URL bar C:\block.html ? > > Basically I guess I am looking for something that the corporate firewall > did...I think it did that because all the company resources to do work was on > https website, and there was no need to surf the interwebs...and in those > days there was no https Google.... > > > On Fri, Jun 18, 2010 at 12:44 AM, Seth David Schoen <[email protected]> wrote: > judaiko judaiko writes: > > > Let me say this first: > > > > One company had a firewall that blocked all non SSL traffic. > > > > So if you go https://mail.google.com and you sign in, it will stop you > > at one URL which was not https. > > > > I am not sure if Gmail still does this i.e. redirect you to non https > > (http) url after login, and then again go into https mode when you > > enter gmail. > > > > So this firewall used to give error saying not allowed, but when you > > changed it to https, the previous Gmail redirect url worked, and I > > could login to Gmail. > > > > Now is there an add-on that does this in Firefox? > > > > Block ALL http traffic by default? > > EFF has been working on one called HTTPS Everywhere: > > https://www.eff.org/https-everywhere/ > > There are some subtle issues around situations where a site > supports HTTPS for some resources but not others. For example, > you can currently use > > https://www.google.com/ > > for encrypted web search, but only the unencrypted form > > http://www.google.com/language_tools?hl=en > > for translation services. As a result, HTTPS Everywhere has a > database of rules with exceptions, so that a rule can apply to > only a portion of a site. > > This may not do exactly what you want because you might prefer > to block HTTP URLs entirely, rather than allowing them only if > no HTTPS equivalent exists. You could probably achieve this in > HTTPS Everywhere by adding a local wildcard rule that matches > every HTTP site and redirects it to an intentionally broken > page, such as a URL within your local host. The means of setting > up your own local rewrite rules are described at > > https://www.eff.org/https-everywhere/rulesets > > -- > Seth Schoen > Senior Staff Technologist [email protected] > Electronic Frontier Foundation http://www.eff.org/ > 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 > *********************************************************************** > To unsubscribe, send an e-mail to [email protected] with > unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ >
