隨著我們每天瀏覽網際網路時不斷面臨的安全威脅，儘可能多地鎖定東西是值得的。考慮到這一點，如何在可能的情況下強制googlechrome使用HTTPS？今天的超級使用者問答文章討論了一些幫助有安全意識的讀者獲得HTTPS滿意度的解決方案。

今天的問答環節是由SuperUser提供的，SuperUser是Stack Exchange的一個分支，是一個由社群驅動的問答網站分組。

問題

超級使用者讀者kiewic想知道如何強制Google Chrome儘可能使用HTTPS而不是HTTP：

Many websites offer both versi*** (HTTPS and HTTP) like https://stackoverflow.com and http://stackoverflow.com for instance.

Is there any way to force Google Chrome to always try for HTTPS first before HTTP when typing something like stackoverflow.com in the address bar?

如果可能的話，你怎麼強迫googlechrome總是使用HTTPS而不是HTTP呢？

答案

超級使用者貢獻者paradroid和Omar為我們提供了答案。首先，paradroid：

You could try the HTTPS Everywhere extension for Google Chrome. (Note From the Editor: We recommend HTTPS Everywhere if you want to be sure HTTPS is enabled everywhere it’s available. This extension is less necessary than it was a few years ago, however, as more and more sites have enabled HTTPS by default.)

接下來是奧馬爾的回答：

Force HTTPS in Google Chrome

Google is one of the more aggressive companies pushing to make this happen. Here are several ways you can force HTTPS in Chrome to ensure your browsing is as safe as possible.

Start Google Chrome with HTTPS

Enable Google Chrome support by typing chrome://net-internals/ into your address bar, then select HSTS from the drop-down menu. HSTS is HTTPS Strict Transport Security, a way for websites to elect to always use HTTPS. Using this setting, you can now force HTTPS for any domain you want and even “pin” the domain so that only a more trusted subset of CAs are permitted to identify that domain. The downside is that if you force a domain that does not have SSL at all, you will not be able to access the website.

HTTP Strict Transport Security (The Chromium Projects) (Note From the Editor: You can no longer change this option yourself in Chrome. Website owners can still enable HSTS for their websites.)

Force HTTPS with the KB SSL Enforcer Extension

This extension will force HTTPS in Google Chrome for websites that support it. Keep in mind that It is not completely secure against the infamous Firesheep, but it does minimize the risk greatly. Due to Google Chrome’s limitati***, the KB SSL Enforcer extension redirects the page while it is loading. You will see a quick flicker of the unencrypted page, but it redirects you as fast as possible.

KB SSL Enforcer Extension Homepage

Use HTTP Extension to Force HTTPS in Google Chrome

The Use HTTP extension will force defined sites to use HTTPS instead of HTTP. It comes preloaded with two defined sites: Facebook and Twitter. Like the previous extension, the initial request is sent to websites not using HTTPS.

Use HTTPS Extension Homepage (Note From the Editor: This extension is no longer available.)

有什麼要補充的解釋嗎？在評論中發出聲音。想從其他精通技術的Stack Exchange使用者那裡瞭解更多答案嗎？在這裡檢視完整的討論主題。