Please, don't retire the rulesets.
KOLANICH opened this issue · comments
Type: other
In the wake of https://www.eff.org/deeplinks/2021/09/https-actually-everywhere and https://www.eff.org/deeplinks/2021/04/https-everywhere-now-uses-duckduckgos-smarter-encryption .
There are plenty of places where http://
URIs reside. While we can bulk-replace them with sed
and say that it is the problem of the websites that they don't support https and that all plain http websites must become nonfunctional, it is not a constructive approach.
I have developed a tool https://github.com/KOLANICH-tools/https-everywhere-py/tree/bulk_replace applying HE rulesets to URIs in text files. It is a fork of https://github.com/jayvdb/https-everywhere-py , and a PR has been sent for integrating the code into the upstream, but the upstream project seems to be pretty dead.
Using this tool would help to avoid breakage, while improving security the projects, where "https-only mode" cannot be used.