- Windows XP SP3 to Windows 8
- Internet Explorer 6 to 10
You can get a detailed explanation of the original extension on the EFF website. In summary, the extension forces a browser to use HTTPS (encrypted HTTP) whenever possible (e.g. when the website allows it).
HTTPS Everywhere redirects users to HTTPS URLs based on a set of rules. Switching from HTTP to HTTPS is still not as easy as it should be and many domains have not designed their websites to be accessed securely. We've explained some of the challenges on our blog.
The HTTPS Everywhere rules define which domain name can be accessed over HTTPS and how URLs need to be translated. For example, http://www.google.com/ should be translated into https://encrypted.google.com/. Some sections of websites may not be available over HTTPS and the rules take care of these exceptions.
Example of HTTPS Everywhere rules
HTTPS Everywhere also secures cookies according to rules, adding the secure attribute to cookies sent by the server. This ensures that any later access to the domains using HTTP (unsecure) will not leak sensitive information such as the session ID.
HTTPS Everywhere for IE
I'm very pleased to announce the release of HTTPS Everywhere for Internet Explorer 0.0.0.1. You can download it now at https://www.zscaler.com/research/plugins/ie/https-everywhere/https-everywhere.exe.
As the version number suggests, this is a very early release. I have been using the extension for several weeks without any problems, but it should be considered an alpha release. Version 0.0.0.1 translates URLs from HTTP to HTTPS according to the EFF rules and secures cookies. It does not currently support HSTS, not does it provide support for custom rules.
The extension comes with an installer. Simply download https-everywhere.exe and run it. Then make sure you restart Internet Explorer to enable the extension.
HTTPS Everywhere installer
We have a detailed documentation available on our website. It details how the extension works and describes it's architecture. Some of the behaviors are not obvious, so I strongly suggest that you read it. The documentation will be updated as we release new versions of HTTPS Everywhere for Internet Explorer.