HTTPS Finder是一个firefox浏览器扩展,这个插件的作用就是发现网站支持https连接时提醒你并设置成自动换到https加密连接,与前文介绍的HTTPS everywhere扩展功能基本相同,HTTPS Finder还可以为https everywhere自动添加https浏览规则,这对于国内复杂的网络环境还是有一点用的



2012-3-2 更新 v0.86,官方下载:



1、因为HTTPS Finder强制https加密访问时,是在探测http非加密某个网页之后,所以,在ssl加密之前传送的cookie可能还是非加密的http,这就可能不能防止Firesheep或中间人攻击,不过扩展还是最大限度地减少这种情况发生的机会。

2、HTTPS Finder对HTTPS的搜索只检测具有良好的有效证书者,并不能保证在服务器端实现安全的SSL。


HTTPS Finder是最强大的使用方法就是与HTTPS everywhere配合使用。如果单独使用也可以,有它总比没有好。


原文标题:HTTPS-finder扩展强制Firefox加密浏览v0.86 - 美博园
美博园文章均为“原创 - 首发”,请尊重辛劳撰写,转载请以上面完整链接注明来源!

网 友 留 言

11条评论 in “HTTPS-finder扩展强制Firefox加密浏览v0.86”
  1. Andrzeja

    Uploaded: Mar 1 (3 days ago)
    httpsfinder086.xpi 71.7 KB
    -- Fixed issue 42: No Ok/cancel buttons to exit preference window (bug affected OS X only).
    SHA1 Checksum: b2070de9f6532da7b0f74adfcbc88d56b43e6c8b What's this?"

  2. Andrzeja
    "httpsfinder081d1.xpi HTTPS Finder 0.81d1 3 days ago 3 days ago 67.5 KB "
    httpsfinder081d1.xpi 67.5 KB

    Development build: Tested in Win7 x64 and Ubuntu 11.10 x64

    Compatibility: Firefox 4.0-11.0a2

    Changes since 0.80d2:

    -- Fixed bug where whitelisted domains could be removed from whitelist during runtime.

    -- Fixed bug where Preference window Enable/Disable toggle would not re-enable correctly all the time.

    -- **Feedback requested:** Added feature to set secure cookie flags on valid HTTPS domain cookies. Disabled by default, enable in Preferences > Advanced > "Secure cookies for valid HTTPS domains". Only works on cookies for the exact detected domain (e.g. "" cookies are not secured for detected ""). Clicking the "Add to whitelist" or "Not Now" button on the alert drop down restores secured cookies to their original insecure state. I'm not sure if this feature will cause problems/unexpected behavior, nor is it perfect since we can't apply an aggressive securing policy to all domains. I'm very interested in feedback on this feature: email "

  3. Andrzeja
    "httpsfinder080d2.xpi HTTPS Finder 0.80d2 Dec 7 Dec 7 68.0 KB "

  4. Andrzeja
    " httpsfinder079dev3.xpi 69.7 KB
    Development build:
    Compatibility: Firefox 4.0-9.0a2
    Changes since 0.78:
    -- Fixed improper character encoding in zh-CN locale (bug introduced in 0.78dev)
    -- Added hidden pref to alert when a self-signed certificate is present. I've had multiple requests, but it will most likely remain a hidden setting since most people probably shouldn't use it. Go to about:config, and enable "extensions.httpsfinder.allowSelfSignedCerts". Auto-enforce won't happen since it would degrade experience (cert errors), but a special alert will appear, allowing you to go to HTTPS or whitelist.
    The alert string is only in English for now - will get it translated before next release."

  5. Andrzeja
    "https_finder-0.77-fx.xpi HTTPS Finder 0.77 Featured 9 hours ago 9 hours ago 69.0 KB "

  6. Andrzeja
    "Force-TLS allows web sites to tell Firefox that they should be served via HTTPS in the future; this helps secure you from accidentally negotiating an insecure session with certain sites. Force-TLS is also compatible with Strict Transport Security."
    "ForceTLS is an adaptation of the ForceHTTPS protocol by Collin Jackson and Adam Barth, which supports a simple HTTP header in forcing automatic connections to HTTPS connections in the future. Here's how it works:

    1. A site served via HTTPS provides a Strict-Transport-Security HTTP header in its response. The header contains a max-age value (how long to remember the forced security) and optionally an includeSubDomains flag.
    2. The browser receives this header and adds it to a Force TLS database.
    3. In the future, any requests to are modified to be via HTTPS if they are attempted through HTTP before the request hits the network.
    4. If any subdomains * are requested via HTTP and the includeSubDomains flag was set, they are also forced to be HTTPS.

    Use this add-on to extend Firefox so that it will listen to Strict-Transport-Security suggestions from web servers. This add-on will enforce secure connections for sites that use the Strict-Transport-Security header.

    You can also use the add-on to add your own forcing rules -- to be sure you always visit your favorite sites over HTTPS."



5 + 9 =
【您可以使用 Ctrl+Enter 快速发送】
Copyright © 2007 - 2023 , Design by 美博园. 版权所有. 若有版权问题请留言通知本站管理员. 【回到顶部】