Force-TLS extension for Firefox
ForceTLS is an adaptation of the ForceHTTPS protocol by Collin Jackson and Adam Barth, which supports a simple HTTP header in forcing automatic connections to HTTPS connections in the future. Here's how it works:
1. A site x.com served via HTTPS provides a X-Force-TLS (or Strict-Transport-Security) HTTP header in its response. The header contains a max-age value (how long to remember the forced TLS) and optionally an includeSubDomains flag.
2. The browser recieves this header and adds it to a Force TLS database.
3. In the future, any requests to x.com are modified to be via HTTPS if they are attempted through HTTP before the request hits the network.
4. If any subdomains *.x.com are requested via HTTP and the includeSubDomains flag was set, they are also forced to be HTTPS.
Use this add-on to extend Firefox so that it will listen to X-Force-TLS suggestions from web servers. This add-on will enforce secure connections for sites that use the X-Force-TLS header as well as the Strict-Transport-Security header.
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:lnussel:firefox/firefox-ext-force_tls && cd $_
- Create Badge
Source Files
Filename | Size | Changed |
---|---|---|
firefox-ext-force_tls.changes | 0000000286 286 Bytes | |
firefox-ext-force_tls.spec | 0000002021 1.97 KB | |
force_tls-3.0.0-fx.xpi | 0000118229 115 KB |
Latest Revision
- update to version 3.0.0
Comments 0