A modified clone of https://github.com/redpois0n/hsts-everywhere-chrome "Forces Chrome to use HTTP Strict Transport Security on all HTTPS connections https://chrome.google.com/webstore/detail/hsts-enforcer/ingdjdekfhnapeoiiinplcadnfimnnkh "
Emanuel Czirai
e1a975ddb7
to ignore list
|
8 years ago | |
|---|---|---|
| .gitignore | 8 years ago | |
| CONTRIBUTING.md | 8 years ago | |
| LICENSE | 8 years ago | |
| README.md | 8 years ago | |
| background.js | 8 years ago | |
| icon.png | 8 years ago | |
| manifest.json | 8 years ago | |
| options.html | 8 years ago |
README.md
hsts-everywhere-chrome
Forces Chrome/Chromium to use HTTP Strict Transport Security on all HTTPS connections, for all subdomains of the specific hostname you're trying to connect to. Also forces https on all urls, blocks http(but can allow it if you set a var). Can force disable HSTS, or can ignore hosts in hardcoded lists. Auto-ignores hosts that cause redir-loops eg. imdb.com and thus it http isn't allowed(which is the default) it will block the site, else it will load it on http; instead of entering redir-loop trying to https it!
Default max-age is 6 months. Change this in background.js in seconds
var max_age = "15570000";