随着我们每天浏览互联网时不断面临的安全威胁，尽可能多地锁定东西是值得的。考虑到这一点，如何在可能的情况下强制googlechrome使用HTTPS？今天的超级用户问答文章讨论了一些帮助有安全意识的读者获得HTTPS满意度的解决方案。

今天的问答环节是由SuperUser提供的，SuperUser是Stack Exchange的一个分支，是一个由社区驱动的问答网站分组。

问题

超级用户读者kiewic想知道如何强制Google Chrome尽可能使用HTTPS而不是HTTP：

Many websites offer both versi*** (HTTPS and HTTP) like https://stackoverflow.com and http://stackoverflow.com for instance.

Is there any way to force Google Chrome to always try for HTTPS first before HTTP when typing something like stackoverflow.com in the address bar?

如果可能的话，你怎么强迫googlechrome总是使用HTTPS而不是HTTP呢？

答案

超级用户贡献者paradroid和Omar为我们提供了答案。首先，paradroid：

You could try the HTTPS Everywhere extension for Google Chrome. (Note From the Editor: We recommend HTTPS Everywhere if you want to be sure HTTPS is enabled everywhere it’s available. This extension is less necessary than it was a few years ago, however, as more and more sites have enabled HTTPS by default.)

接下来是奥马尔的回答：

Force HTTPS in Google Chrome

Google is one of the more aggressive companies pushing to make this happen. Here are several ways you can force HTTPS in Chrome to ensure your browsing is as safe as possible.

Start Google Chrome with HTTPS

Enable Google Chrome support by typing chrome://net-internals/ into your address bar, then select HSTS from the drop-down menu. HSTS is HTTPS Strict Transport Security, a way for websites to elect to always use HTTPS. Using this setting, you can now force HTTPS for any domain you want and even “pin” the domain so that only a more trusted subset of CAs are permitted to identify that domain. The downside is that if you force a domain that does not have SSL at all, you will not be able to access the website.

HTTP Strict Transport Security (The Chromium Projects) (Note From the Editor: You can no longer change this option yourself in Chrome. Website owners can still enable HSTS for their websites.)

Force HTTPS with the KB SSL Enforcer Extension

This extension will force HTTPS in Google Chrome for websites that support it. Keep in mind that It is not completely secure against the infamous Firesheep, but it does minimize the risk greatly. Due to Google Chrome’s limitati***, the KB SSL Enforcer extension redirects the page while it is loading. You will see a quick flicker of the unencrypted page, but it redirects you as fast as possible.

KB SSL Enforcer Extension Homepage

Use HTTP Extension to Force HTTPS in Google Chrome

The Use HTTP extension will force defined sites to use HTTPS instead of HTTP. It comes preloaded with two defined sites: Facebook and Twitter. Like the previous extension, the initial request is sent to websites not using HTTPS.

Use HTTPS Extension Homepage (Note From the Editor: This extension is no longer available.)

有什么要补充的解释吗？在评论中发出声音。想从其他精通技术的Stack Exchange用户那里了解更多答案吗？在这里查看完整的讨论主题。