[HTTPS-Everywhere] https everywhere for chromium
Chris Palmer
chris at eff.org
Fri Mar 4 17:46:29 PST 2011
Thanks Aaron!
Maybe we could implement code equivalent to Aaron's in JavaScript, and
put that code in a Chromium extension? Then the user would not need a
Python interpreter or to quit their browser.
Maybe we could also publish the HTTPS E rules as a separate file, so
that clients (Firefox and Chrome) could routinely snarf the one file to
get the latest and greatest. Then rule updates would not incur a whole
plugin update.
On 03/04/2011 04:53 PM, Peter Eckersley wrote:
> This is great.
>
> Aaron, I've made some fixes to your code in the hsts-chromium branch at:
>
> https://gitweb.torproject.org/pde/https-everywhere.git
>
> On Fri, Mar 04, 2011 at 02:09:55PM -0500, Aaron Swartz wrote:
>> I've added a little script for Chromium that tries to parse the HTTPS
>> Everywhere rules and generate JSON blocks for Chromium's
>> TransportSecurity file:
>>
>> https://github.com/aaronsw/https-everywhere/
>>
>> At the very least I figure this should at least improve my own
>> security. If it seems sensible to you, it could probably be converted
>> into something pretty easy to run. The directions would be:
>>
>> 1. Quit Chromium.
>> 2. Run this Python script (it would find, parse, and edit TransportSecurity).
>> 3. Relaunch Chromium.
>>
>> Getting people to run a Python script isn't as easy as having them
>> install a browser plugin, but you know me -- any little bit I can do
>> to improve security.
More information about the HTTPS-everywhere
mailing list