The Electronic Frontier Foundation, a privacy concerned NGO offers/prmotes the firefox/chrome plugin HTTPS Everywhere.
Functionality
* when entering a site the browser/plugins checks, if the same page is available via https
* it has a list of rulesets and offers to automatically add new ones
* users can also include their rules: https://www.eff.org/https-everywhere/rulesets
Code
* Development branch https://www.eff.org/files/https-everywhere-devel.xpi
* Source code
git clone https://git.torproject.org/https-everywhere.git
* Changes: https://www.eff.org/files/Changelog.txt
* Rewrite Atlas: https://www.eff.org/https-everywhere/atlas
* Mailinglist: https://falcon.eff.org/mailman/listinfo/https-everywhere-rules
* Rules-Mailinglist: https://falcon.eff.org/mailman/listinfo/https-everywhere-rules
Our code is partially based on the STS implementation from the groundbreaking NoScript project (there are other STS implementations out there, too). HTTPS Everywhere aims to have a simpler user experience than NoScript, and to support complex rewriting rules that allow services like Google Search and Wikipedia to be redirected to HTTPS without breaking anything. It also handles situations like https:// pages that redirect back to http:// in a reasonable manner. In an ideal world, every web request could be defaulted to HTTPS. Unfortunately, there's no way to know that what you get from requesting https://www.domain.com/page is the same as what you get from requesting http://www.domain.com/page. So the only way to switch every page to https is to fetch the page insecurely first.
* https://secure.wikimedia.org/wikipedia/en/wiki/Strict_Transport_Security
* http://noscript.net/
* https://addons.mozilla.org/en-US/firefox/addon/12714/
* https://crypto.stanford.edu/forcehttps/
"HTTPS Everywhere encrypts your communications with many major websites, making your browsing more secure. More info."
https://www.eff.org/https-everywhere
HTTPS Everywhere is produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using a clever technology to rewrite requests to these sites to HTTPS.
HTTPS Everywhere can protect you only when you're using sites that support HTTPS and for which HTTPS Everywhere include a ruleset.
Hi, really appreciate the interest, you should post about this on the maling list, it's not a bug.