KB SSL Enforcer
Item logo image for KB SSL Enforcer

KB SSL Enforcer

kbit.dk4.2(

290 ratings

)
Item media 1 screenshot

Overview

Automatic security, browse encrypted.

This extension enforces encryption for websites that support it as much as currently possible in Chrome. This gives you added security and privacy for your browsing automatically and transparently. This is particularly important on insecure networks, such as public wifi in e.g. coffee shops and hotels. It is not completely secure against the infamous Firesheep, but it does minimize the risk greatly. See the section on complete enforcement for technical details and more on when this will be possible. Features: - Automatically detects if a site supports SSL (TLS) and enforces all subsequent requests to be over SSL - As soon as a domain is set to be enforce, the browser will not send any unencrypted requests for that domain (unless the site deliberately enforces not using encryption, see the section on complete enforcement) - Flexible options for overriding the auto-detection - Caches which sites support SSL (respects incognito mode) - Open source (GPLv2 or later) Changelog: https://github.com/kbitdk/kbsslenforcer/blob/master/Changelog.md Issue tracker: https://github.com/kbitdk/kbsslenforcer/issues Complete enforcement: Due to Chrome limitations KB SSL Enforcer detects SSL on the very first visit to a page and is unable to block the unencrypted request from going through while this is happening. It will let that page load and if it is detected to support SSL, all subsequent requests to that domain will be enforced automatically to use SSL before the unencrypted request is sent from the browser. The unencrypted request only goes through on the very first page visit where it's detecting SSL support. The setting will be saved and survives reboots and all. The only way to stop enforcing SSL is to manually set it to ignore SSL on that domain or if the extension detects that the site is trying to enforce an unencrypted connection and therefore backs off by not enforcing it from then on. This first insecure request could send a cookie in the clear, which would give anyone with tools like Firesheep an opportunity to use your account on that site. But this only happens if they catch it during that first request and if it includes sensitive information, such as your logged in session. All subsequent requests, even after restarting the browser and rebooting the computer, will enforce encryption. Permissions: The manifest file states the permissions requested: https://github.com/kbitdk/kbsslenforcer/blob/master/chrome%20extension/manifest.json * *://*/ * This is for accessing pages on all domains and both with and without SSL * tabs * This is for accessing information on whether a tab is in incognito, so it can be respected * webRequest * This is for intercepting the unencrypted requests and detecting whether the site doesn't support encryption by redirecting encrypted requests to the unencrypted site * webRequestBlocking * This is for blocking the unencrypted requests while determining whether it needs to be redirected The project is open source and any scrutiny of the code or the extension's behavior is encouraged. If you have any comments, please open an issue on the issue tracker: https://github.com/kbitdk/kbsslenforcer/issues Feedback: Any questions or feedback are welcome in the issue tracker linked above, which has features to manage and notify people of any issues, so they can be fixed and we can all have a better extension. Please keep the user reviews section of this page to just reviews. Thanks. Developed by KB IT: https://kbit.dk

4.2 out of 5290 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Renart la volpeNov 28, 2021

it is outdated but it is the most decent of them all.

Review's profile picture

Ilya StroganovApr 14, 2017

bye-bye "HTTPS Everywhere"

5 out of 6 people found this helpful
Review's profile picture

Eddie AtterJan 29, 2017

Way better than HTTPS Everywhere. Lightweight, open source, and does what it says!

4 out of 4 people found this helpful

Details

  • Version
    2.0.5
  • Updated
    November 21, 2020
  • Size
    49.2KiB
  • Languages
    English
  • Developer
    Website
    Email
    kb@kbit.dk
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

Related

Privacy Guardr

4.4(16)

An extension to help you make informed decisions about the privacy implications of your installed extensions

Privacy Manager

4.3(167)

Manage privacy settings, browsing data deletion, quickly access page in incognito mode, manage cookies and monitor network traffic

HTTPS Finder

3.4(25)

Detects if pages are available on HTTPS and allows you to switch

IronVest

4.3(4.4K)

Protect your Passwords, Payments, and Privacy.

Certificate Info

3.9(20)

Shows TLS certificate info and validation level of the servers you connect.

SKN SSL Enforcer

4.3(13)

Force encrypted browsing with HTTPS

Disconnect

4.4(3.1K)

Make the web faster, more private, and more secure.

SSL Grade

3.9(14)

This Extension Uses the SSLLabs SSL Test to Show a Security Rating of the SSL connection You Are Using

Force HTTPS (SSL/TLS)

3.3(3)

Automatically use HTTPS (SSL/TLS Certificate) on websites.

ScriptSafe

3.9(1.7K)

Regain control of the web and surf more securely.

Smart HTTPS

4.4(31)

Automatically changes HTTP protocol to HTTPS, and if loading encounters error, reverts it back to HTTP.

SSL to TLS

4.4(5)

Replaces the text 'SSL' with 'TLS'.

Privacy Guardr

4.4(16)

An extension to help you make informed decisions about the privacy implications of your installed extensions

Privacy Manager

4.3(167)

Manage privacy settings, browsing data deletion, quickly access page in incognito mode, manage cookies and monitor network traffic

HTTPS Finder

3.4(25)

Detects if pages are available on HTTPS and allows you to switch

IronVest

4.3(4.4K)

Protect your Passwords, Payments, and Privacy.

Certificate Info

3.9(20)

Shows TLS certificate info and validation level of the servers you connect.

SKN SSL Enforcer

4.3(13)

Force encrypted browsing with HTTPS

Disconnect

4.4(3.1K)

Make the web faster, more private, and more secure.

SSL Grade

3.9(14)

This Extension Uses the SSLLabs SSL Test to Show a Security Rating of the SSL connection You Are Using

Google apps