InformAction Forums

I've entered a list of sites to force HTTPS on, and it works for most sites, but seems to have no effect on facebook.com.

Are you using adblock plus?

NoScript runs as last policy.

If you're blocking things in facebook via adblock plus they get blocked before NoScript can get to them.

Also just "facebook.com" doesn't catch everything. It's best to try *.facebook.com. Also make sure to get *.fbcdn.net

I do have adblock plus, though it seems to me it shouldn't be a problem. Especially considering it doesn't seem to interfere with other sites.

What about sites which properly don't use subdomains, like twitter? And I did get fbcdn.net.

Check to make sure you don't have allow through bookmark enabled (on general tab of options) and on appearance tab, make sure you have selected full addresses, so that way you can allow https:// specifically. If you do only 2nd level, then it won't care what protocol. Hope that helps.

I'm not going through bookmarks, and I don't have allow through bookmarks enabled. Using full domains might work, but then there would be far to large a list, and I'm sure I'd miss some. It should work as is. I'm wondering if Facebook is doing something weird, like redirecting to HTTP.

It works fine for me by adding facebook.com and *.facebook.com.
BTW, using both twitter.com and *.twitter.com is advisable as well, since twitter does use subdomains for instance to deliver avatars.

Putting 'facebook.com' should include '*.facebook.com' as well. It seems to for other sites.

Tanath wrote:Putting 'facebook.com' should include '*.facebook.com' as well. It seems to for other sites.

No it doesn't. *.site.com does not match http://site.com, and site.com does not match http://www.site.com.