隨著我們每天瀏覽網際網路時不斷面臨的安全威脅,儘可能多地鎖定東西是值得的。考慮到這一點,如何在可能的情況下強制googlechrome使用HTTPS?今天的超級使用者問答文章討論了一些幫助有安全意識的讀者獲得HTTPS滿意度的解決方案。
今天的問答環節是由SuperUser提供的,SuperUser是Stack Exchange的一個分支,是一個由社群驅動的問答網站分組。
超級使用者讀者kiewic想知道如何強制Google Chrome儘可能使用HTTPS而不是HTTP:
Many websites offer both versi*** (HTTPS and HTTP) like https://stackoverflow.com and http://stackoverflow.com for instance.
Is there any way to force Google Chrome to always try for HTTPS first before HTTP when typing something like stackoverflow.com in the address bar?
如果可能的話,你怎麼強迫googlechrome總是使用HTTPS而不是HTTP呢?
超級使用者貢獻者paradroid和Omar為我們提供了答案。首先,paradroid:
You could try the HTTPS Everywhere extension for Google Chrome. (Note From the Editor: We recommend HTTPS Everywhere if you want to be sure HTTPS is enabled everywhere it’s available. This extension is less necessary than it was a few years ago, however, as more and more sites have enabled HTTPS by default.)
接下來是奧馬爾的回答:
Force HTTPS in Google Chrome
Google is one of the more aggressive companies pushing to make this happen. Here are several ways you can force HTTPS in Chrome to ensure your browsing is as safe as possible.
Start Google Chrome with HTTPS
Enable Google Chrome support by typing chrome://net-internals/ into your address bar, then select HSTS from the drop-down menu. HSTS is HTTPS Strict Transport Security, a way for websites to elect to always use HTTPS. Using this setting, you can now force HTTPS for any domain you want and even “pin” the domain so that only a more trusted subset of CAs are permitted to identify that domain. The downside is that if you force a domain that does not have SSL at all, you will not be able to access the website.
HTTP Strict Transport Security (The Chromium Projects) (Note From the Editor: You can no longer change this option yourself in Chrome. Website owners can still enable HSTS for their websites.)
Force HTTPS with the KB SSL Enforcer Extension
This extension will force HTTPS in Google Chrome for websites that support it. Keep in mind that It is not completely secure against the infamous Firesheep, but it does minimize the risk greatly. Due to Google Chrome’s limitati***, the KB SSL Enforcer extension redirects the page while it is loading. You will see a quick flicker of the unencrypted page, but it redirects you as fast as possible.
KB SSL Enforcer Extension Homepage
Use HTTP Extension to Force HTTPS in Google Chrome
The Use HTTP extension will force defined sites to use HTTPS instead of HTTP. It comes preloaded with two defined sites: Facebook and Twitter. Like the previous extension, the initial request is sent to websites not using HTTPS.
Use HTTPS Extension Homepage (Note From the Editor: This extension is no longer available.)
有什麼要補充的解釋嗎?在評論中發出聲音。想從其他精通技術的Stack Exchange使用者那裡瞭解更多答案嗎?在這裡檢視完整的討論主題。
谷歌(Google)正在打擊未加密的網站,航空公司將支援****的社交網路Galaxy Note 7(Galaxy Note 7)接地,最後的守護者(Guardian)被推遲,iPhone使用者無法識別自己的**。 ...
...問題。全世界的網際網路使用者都應該意識到安全工具是如何被濫用的。這些工具可能會損害隱私,並收集有關您訪問的網站和線上傳送的訊息的資料。 ...
... 你可以看到為什麼谷歌熱衷於強迫儘可能多的網站使用這個安全措施。它對搜尋引擎有利,對使用者有利。加密使網際網路更加安全。 ...
... 大多數描述如何安裝SSL證書的指南都會告訴您必須有一個專用的IP。這意味著購買更昂貴的專用託管計劃。 ...
谷歌在很多方面都很出名,但隱私和安全通常不在首位。除了Facebook之外,他們經常因為使用你的資料而受到嚴厲批評。無論是掃描你的Gmail收件箱向你展示有針對性的廣告,還是與美國****局合作監視世界各地的使用者,都有很...
...問的人會認為你更值得信任。現在,大多數使用者都知道如何檢查安全連線,因此安裝SSL證書表明您認真對待他們的隱私。 ...
...把HTTPS作為預設選項而不是例外了。也就是說,至少根據谷歌的說法,它正在改變Chrome處理安全網頁和非安全網頁的方式。也是時候了。 ...