|
3 | 3 | <head> |
4 | 4 | <meta charset="utf-8"> |
5 | 5 | <link href="chrome://browser/content/extension.css" rel="stylesheet"> |
6 | | - <!-- healthy redundancy in case the page is opened directly --> |
| 6 | + <!-- healthy redundancy in case the page is opened directly --> |
7 | 7 | <link href="httpz.css" rel="stylesheet"> |
8 | 8 | <link href="options.css" rel="stylesheet"> |
9 | 9 | </head> |
10 | 10 | <body class="flex row"> |
11 | 11 | <div id="main"> |
12 | 12 | <div id="d_general"> |
13 | 13 | <div class="browser-style flex row align-center"> |
14 | | - Enable Silent Fallback |
| 14 | + Fall back to HTTP without warning |
15 | 15 | <span class="info" tabindex="0" data-info="HTTPZ's behavior whenever it fails to establish a secure communication with a server |
16 | | - |
| 16 | +
|
17 | 17 | Enabled (default): will try an insecure communication (over HTTP) automatically |
18 | | - |
| 18 | +
|
19 | 19 | Disabled: will show you a warning page asking you how to proceed">i</span> |
20 | 20 | <x-fill></x-fill> |
21 | 21 | <input id="i_autoDowngrade" type="checkbox"> |
22 | 22 | </div> |
23 | 23 | <hr> |
24 | 24 | <div class="browser-style flex row align-center"> |
25 | | - Ignore insecure sites... |
26 | | - <span class="info" tabindex="0" data-info="After determining that a given site does not support HTTPS, HTTPZ will ignore subsequent requests to it for a certain period of time">i</span> |
| 25 | + Maximum wait before fallback (seconds) |
| 26 | + <span class="info" tabindex="0" data-info="The initial request to some sites that do not support HTTPS can take long to time out. HTTPZ will never wait longer than the time specified here before retrying requests over HTTP |
| 27 | +
|
| 28 | + Set to 0 to wait until the browser gives up (default)">i</span> |
| 29 | + <x-fill></x-fill> |
| 30 | + <input id="i_maxWait" type="text" class="browser-style num" pattern="^\d+$" required> |
| 31 | + </div> |
| 32 | + <hr> |
| 33 | + <div class="browser-style flex row"> |
| 34 | + <div class="flex col"> |
| 35 | + <div class="flex row align-center"> |
| 36 | + Remember insecure sites... |
| 37 | + <span class="info" tabindex="0" data-info="After determining that a given site does not support HTTPS, HTTPZ will remember its hostname for a certain period of time in order to avoid making superfluous attempts over HTTPS">i</span> |
| 38 | + </div> |
| 39 | + <x-fill></x-fill> |
| 40 | + <button class="browser-style" type="button" id="b_clearIgnored">🗑️</button> |
| 41 | + </div> |
27 | 42 | <x-fill></x-fill> |
28 | 43 | <div> |
29 | 44 | <div class="browser-style flex row align-center justify-end"> |
|
33 | 48 | <div class="browser-style flex row align-center justify-end"> |
34 | 49 | <label for="i_xdays">For</label> |
35 | 50 | <div class="browser-style"> |
36 | | - <input id="i_days" type="text" class="browser-style num" pattern="^0*[1-9]\d*$" required><label></label> |
| 51 | + <input id="i_days" type="text" class="browser-style num" pattern="^0*[1-9]\d*$" required> |
37 | 52 | </div> |
38 | 53 | <label for="i_xdays">day(s)</label> |
39 | 54 | <input id="i_xdays" name="period" type="radio" value=1> |
40 | 55 | </div> |
41 | 56 | <div class="browser-style flex row align-center justify-end"> |
42 | | - <label for="i_permanent">Permanently</label> |
| 57 | + <label for="i_permanent">Indefinitely</label> |
43 | 58 | <input id="i_permanent" name="period" type="radio" value=-1> |
44 | 59 | </div> |
45 | 60 | </div> |
46 | 61 | </div> |
47 | 62 | <hr> |
48 | | - <div class="browser-style flex row align-center"> |
49 | | - Maximum wait before fallback (seconds) |
50 | | - <span class="info" tabindex="0" data-info="The initial request to some sites that do not support HTTPS can take long to time out. HTTPZ will never wait longer than the time specified here before retrying requests over HTTP |
51 | | - |
52 | | - Set to 0 to wait until the browser gives up (default)">i</span> |
53 | | - <x-fill></x-fill> |
54 | | - <input id="i_maxWait" type="text" class="browser-style num" pattern="^\d+$" required> |
55 | | - </div> |
56 | | - <hr> |
57 | 63 | <div class="flex row align-center"> |
58 | | - Whitelist |
59 | | - <span class="info" tabindex="0" data-info="Whitelisted sites are ignored unconditionally |
60 | | - |
61 | | - This list accepts hostnames only (e.g. www.example.com)">i</span> |
| 64 | + Exclusions |
| 65 | + <span class="info" tabindex="0" data-info="HTTPZ will never attempt to use HTTPS for sites in this list |
| 66 | +
|
| 67 | + Only hostnames are accepted (e.g. www.example.com)">i</span> |
62 | 68 | <x-fill></x-fill> |
63 | 69 | <textarea autocomplete="off" class="browser-style" id="t_whitelist" rows="1" spellcheck="false"></textarea> |
64 | | - </div> |
65 | | - <hr> |
66 | | - <div class="flex row justify-space-around"> |
67 | | - <button class="browser-style" type="button" id="b_clearIgnored">Clear Ignore List</button> |
68 | | - <button class="browser-style wide" type="button" id="b_clearWhitelist">Clear Whitelist</button> |
| 70 | + <x-fill></x-fill> |
| 71 | + <button class="browser-style wide" type="button" id="b_clearWhitelist">🗑️</button> |
69 | 72 | </div> |
70 | 73 | </div> |
71 | 74 | <div id="d_advanced" hidden> |
72 | 75 | <div class="browser-style flex row align-center"> |
73 | 76 | Intercept server-initiated redirections to HTTP |
74 | 77 | <span class="info" tabindex="0" data-info="Enabled: HTTPZ will block any server-initiated downgrade attempts and display a warning page, allowing you to decide what to do |
75 | | - |
| 78 | +
|
76 | 79 | Disabled (default): HTTPZ will add the site to the ignore list and let the browser proceed with the redirection |
77 | | - |
| 80 | +
|
78 | 81 | 💡 Note that a secure communication with a server needs to be established first for it to be able to ask the browser to downgrade this way">i</span> |
79 | 82 | <x-fill></x-fill> |
80 | 83 | <input id="i_interceptRedirects" type="checkbox"> |
|
88 | 91 | </div> |
89 | 92 | <hr> |
90 | 93 | <div class="browser-style flex row align-center"> |
91 | | - Enable Proxy-Compatible Mode |
| 94 | + Make compatible with proxies |
92 | 95 | <span class="info" tabindex="0" data-info="Enable this if you connect through a forward proxy or gateway and HTTPZ causes it to respond with status codes 502 and/or 504 frequently |
93 | | - |
| 96 | +
|
94 | 97 | HTTPZ will start treating those as errors and act accordingly">i</span> |
95 | 98 | <x-fill></x-fill> |
96 | 99 | <input id="i_proxyCompat" type="checkbox"> |
|
99 | 102 | <div class="browser-style flex row align-center"> |
100 | 103 | Honor private browsing |
101 | 104 | <span class="info" tabindex="0" data-info="Enabled (default): potentially compromising information required by some features is not stored in the hard drive whenever it comes from a Private Browsing window. Such information is stored only in RAM instead. This includes: |
102 | | - |
| 105 | +
|
103 | 106 | - ignored sites |
104 | 107 | - known secure sites (see below) |
105 | | - |
| 108 | +
|
106 | 109 | Disabled: data coming from Private Browsing windows is not given any special treatment">i</span> |
107 | 110 | <x-fill></x-fill> |
108 | 111 | <input id="i_honorPB" type="checkbox"> |
|
111 | 114 | <div class="browser-style flex row align-center"> |
112 | 115 | Remember secure sites |
113 | 116 | <span class="info" tabindex="0" data-info="Every time that you navigate to a site that loads successfully over HTTPS, HTTPZ remembers its hostname, so as to avoid redirecting it back to HTTP if it ever fails in the future. This minimizes the risk of a Man-in-the-Middle being able to exploit the extension's behavior |
114 | | - |
| 117 | +
|
115 | 118 | ⚠️ Note that this information is stored unencrypted in HTTPZ's own local database in your hard drive. You may want to disable this if your threat model calls for it">i</span> |
116 | 119 | <x-fill></x-fill> |
117 | 120 | <input id="i_rememberSecureSites" type="checkbox"> |
118 | 121 | </div> |
119 | | - </div> |
| 122 | + </div> |
120 | 123 | </div> |
121 | 124 | <div id="sidebar"> |
122 | 125 | <br><button class="browser-style" type="button" id="b_general" disabled>General</button><br> |
|
0 commit comments