Page 1 of 1

Obsolete sticky

Posted: Wed May 10, 2023 9:06 pm
by barbaz
The advice in this sticky is now years obsolete. A lot has changed since that post was written:

re: (1), sites no longer have separate URLs for plain-HTTP version and HTTPS version. Now, sensitive sites generally try to automatically upgrade plain-HTTP connections to HTTPS, usually in a way that would be persistent. In fact, in today's internet, a sensitive site failing to upgrade a plain-HTTP connection to HTTPS is now a red flag.

re: (2), the modern way to address all those issues is to just use browser's built-in HTTPS-only mode. NoScript doesn't even have the mentioned features anymore.

re: (3), ABE has not yet been ported to NoScript Webext. While it is definitely coming, there is no planned timeline, so advising to use ABE is not currently useful.

Should that thread be un-stickied?

Re: Obsolete sticky

Posted: Fri Sep 08, 2023 8:46 pm
by barbaz