Package Details: firefox-extension-https-everywhere 5.2.11-1

Git Clone URL: https://aur.archlinux.org/firefox-extension-https-everywhere.git (read-only)
Package Base: firefox-extension-https-everywhere
Description: Plugin for firefox which ensures you are using https whenever it's possible.
Upstream URL: https://www.eff.org/https-everywhere
Licenses: GPL2
Submitter: hcartiaux
Maintainer: hcartiaux (Eschwartz)
Last Packager: Eschwartz
Votes: 41
Popularity: 0.083442
First Submitted: 2011-11-08 21:24
Last Updated: 2017-02-15 05:27

Latest Comments

polyzen commented on 2017-02-14 03:09

I don't know how it works, but certain upstreams distribute verified XPI's.

EFF does this, NoScript IIRC, VimFx and a Pentadactyl-signed fork on GitHub, ..

Eschwartz commented on 2016-12-21 01:04

Mozilla review is required for sideloaded extensions, AFAIK.
Without it, you have to install it using the Firefox GUI or some such nonsense.

...

Their copy is identical to the Mozilla preliminary-review copy, except for the install.rdf -- which means the manifest is considering the pre-modification install.rdf
How does that even work???

polyzen commented on 2016-12-21 00:26

You may be interested in using PGP verification (and not having to wait quite some time for Mozilla review):
source=("https://www.eff.org/files/https-everywhere-$pkgver-eff.xpi"{,.sig})
validpgpkeys=('1073E74EB38BD6D19476CBF8EA9DBF9FB761A677') # William Budington

hcartiaux commented on 2016-10-07 20:33

5.2.5 is the latest version, so I unflag the package...

Eschwartz commented on 2016-09-25 21:59

Fixed checksums for the newly-reviewed version.

Apparently they taking a couple days now to review on general principle? I guess that isn't *too* bad... And my test for full validation is broken. :(

dvzrv commented on 2016-09-22 10:13

@Eschwartz: 5.2.5 doesn't validate with firefox 49

Eschwartz commented on 2016-09-05 14:08

Updated. :)

AMO finally let it pass full review. At one point they were extremely fast, but it took a lot longer this time, so I was worrying that they might have regressed to never-never land again... but all is well.

Gruentee commented on 2016-09-05 13:12

New checksum

8206329c71af19e051d650c34fdc67b3f61a392c1ef80a4a6f40c8fb0abc662a

Eschwartz commented on 2016-07-21 02:25

Pushed an update to 5.2.1

Also, a bit of templated code which should detect when an extension does not have signing data sufficient for Firefox to approve of, and add a warning and install script.
Which should help maintainers easily determine if their extensions have issues, and conditionally give the warning to end-users, not that I anticipate the need. Mozilla has been good about reviewing HTTPS Everywhere these days.

Since I did try to make this as generic a template as possible...

Eschwartz commented on 2016-02-19 18:27

Awesome.

Not sure why it was updated to 5.1.3 a month early, but updated now.
Removed the post-install warning, and hopefully this is a good omen for the future.

All comments