[HTTPS-Everywhere] HTTPS Everywhere & insecure JS in Chrome

[Adam Langley]

I feel that the only reasonable code change would be to move the
mixed-scripting detection logic to the point in WebKit where we start
to process the request. At that point we could determine whether we
actually loaded it securely due to an internal redirect.

But it's a bunch of work. I suspect that, unless you have someone
someone lined up to do it, it's probably not going to happen.


Cheers

AGL