Google Chrome v94 has an important setting that can redirect users to HTTPS versions for all websites. Hence, extensions that offered this functionality are retiring early next year.
With the steady rise in HTTPS adoption, declining HTTP reliance, and browsers offering native controls, popular extensions that tweaked browser behavior to protect users are “sunsetting” in 2022.
Extensions such as HTTPS Everywhere, Smart HTTPS were critically needed to promote security and privacy:
The HyperText Transfer Protocol or HTTP is now nearly obsolete. Hypertext Transfer Protocol Secure or HTTPS is a successor to the old HTTP protocol. HTTPS is a secured conduit that exchanges information between an Internet user and the website.
In the early days of the Internet, the HTTPS secure protocol was not common, but the situation has changed significantly. Incidentally, it is difficult, but not impossible, to eavesdrop on the communication taking place between a browser and a web server with HTTPS. But overall, it is a lot more secure than HTTP.
HTTPS Everywhere extension isn't needed in Firefoxhttps://t.co/opzIGucyLu pic.twitter.com/KmjIZQpAeT
— Arkadiusz Wieczorek 🌎🌱 (@ark_wieczorek) February 22, 2021
All the major web browser makers insist Internet users must only visit websites with HTTPS prefixes and avoid websites that still rely on HTTP. Browser users can also rely on extensions or add-ons to steer them automatically towards the HTTPS versions of websites.
The Electronic Frontier Foundation (EFF) has HTTPS Everywhere. The extension is available for all popular web browsers such as Firefox, Chrome, Microsoft Edge, Opera, and Vivaldi. There are other extensions such as Smart HTTPS which offer similar functionality.
Electronic Frontier Foundation will deprecate #HTTPS Everywhere plugin https://t.co/aVSFUihPGo
— TechHelpKB.com (@techhelpkb) September 28, 2021
Barring a few differences, all these “HTTPS” attempt to load HTTPS sites over HTTP whenever possible. Needless to mention, such extensions were immensely popular when websites had HTTPS versions but preferred HTTP for simplicity and reduced security overheads.
Extensions such as HTTPS Everywhere, Smart HTTPS and have suddenly become redundant in Google Chrome v94:
Mozilla, Google, Microsoft have joined hands to increase HTTPS adoption on the web. This has skyrocketed the adoption of the secure protocol.
Several browsers are even offering HTTPS-only mode or HTTPS-first mode. Popular browsers such as Mozilla Firefox, Microsoft Edge, and Google Chrome have this feature.
This is a great result – making the HTTPS Everywhere extension redundant due to increased HTTPS adoption and native browser support for forcing HTTPS 🙂 https://t.co/VZrzFSNtRi
— Troy Hunt (@troyhunt) September 27, 2021
Simply put, users merely need to enable the HTTPS-only mode setting and stop using any extension that does the exact same thing. Understanding the same, the EFF has reportedly decided to gradually retire the HTTPS Everywhere extension.
Hence, it is important that users of the extension enable the HTTPS-only mode. Google Chrome v94, which was released recently, has the setting.
Beginning with 2022, HTTPS Everywhere to enter "maintenance mode"
In the meantime, here's how to enable HTTPS-only modes in various browsers pic.twitter.com/KnRg3c8B5I
— Catalin Cimpanu (@campuscodi) September 25, 2021
To switch on the same, click the three-dot menu, and search for the “Always use secure connection” option. It is available in the Security Settings section. Toggle the setting, and reboot the browser. Before enabling the setting, disable any extension that offers the same function.
It is important to note that merely having an HTTPS prefix is no guarantee about the safety and reliability of a website. Google Chrome and Microsoft Edge are trying to increase awareness about the same.