Force-TLS extension for Firefox

Edit Package firefox-ext-force_tls
https://addons.mozilla.org/en-US/firefox/addon/12714

ForceTLS is an adaptation of the ForceHTTPS protocol by Collin Jackson and Adam Barth, which supports a simple HTTP header in forcing automatic connections to HTTPS connections in the future. Here's how it works:

1. A site x.com served via HTTPS provides a X-Force-TLS (or Strict-Transport-Security) HTTP header in its response. The header contains a max-age value (how long to remember the forced TLS) and optionally an includeSubDomains flag.
2. The browser recieves this header and adds it to a Force TLS database.
3. In the future, any requests to x.com are modified to be via HTTPS if they are attempted through HTTP before the request hits the network.
4. If any subdomains *.x.com are requested via HTTP and the includeSubDomains flag was set, they are also forced to be HTTPS.

Use this add-on to extend Firefox so that it will listen to X-Force-TLS suggestions from web servers. This add-on will enforce secure connections for sites that use the X-Force-TLS header as well as the Strict-Transport-Security header.

Refresh
Refresh
Source Files
Filename Size Changed
firefox-ext-force_tls.changes 0000000286 286 Bytes
firefox-ext-force_tls.spec 0000002021 1.97 KB
force_tls-3.0.0-fx.xpi 0000118229 115 KB
Latest Revision
Ludwig Nussel's avatar Ludwig Nussel (lnussel) committed (revision 2)
- update to version 3.0.0
Comments 0
openSUSE Build Service is sponsored by