HTTP to HTTPS Automatically switch to HTTPS version of a website if it is supported
Support Development
PayPal ● 
Bitcoin Address: 1sM2BrTH8BRgt3quiASK8TmYSafutNvDo
Ether Address: 0xCf9eaAc56992e12EB61fD46342172d4EEff5C8e4

"HTTP to HTTPS" extension is an alternative to HTTPS Anywhere extension which switches to HTTPS version of a website when it is possible. This extension does not rely on a list of known hostnames to switch the user to the HTTPS version of a webpage, instead, upon loading of an insecure HTTP webpage, the extension evaluates the secure page availability and if it is found with an acceptable return code, the switch takes place. On a successful switch the extension caches the hostname for 10 days and all the subsequent switches are performed without additional server evaluation. Of course, if a user needs a renewal, there is an option for that in the toolbar popup. After installation, the extension adds a toolbar popup to your browser. There are multiple options available, like globally disabling the extension or disable the current page based on its hostname or a matching regular expression. This way the extension provides a powerful tool to add exception list for particular pages that still do not support secure HTTP communications.


  1. What is the "HTTP to HTTPS" add-on and how can I use it?

    This extension is an HTTP observer and switcher. When it is enabled and the top-level page loads in the HTTP protocol, the extension evaluates the HTTPS availability in the background. If it is supported, the top-level page switches to the HTTPS version. Note that this process only occurs once per hostname. All the subsequent requests are done without reevaluation. The extension keeps its evaluation results for 10 days or when the user manually clears them. After this period, the HTTPS version is reevaluated to make sure it is still accessible. If a hostname supports HTTPS only for some pages, you can write a custom regular expression that matches to the pages that are not supposed to be converted to HTTPS, for those pages, the extension will stay disabled. In the toolbar area of the extension, you have an option to globally disabling the extension. When the extension is disabled, there is no observation of the top-level pages anymore. Basically, the extension does not use any resource at all. If you need to disable the extension only on a particular hostname, use the "Disable (hostname)" matching option. This is the fastest method for the extension to bypasses a hostname. Note that hostname matching is not domain matching. So if a hostname matching is enabled for, it is not going to be applied on hostname. If you need to match multiple hostnames at once, you can use the regular expression matching method which is slower. There are two purging options in the popup which can be used to purge the evaluation result for a particular hostname, or the entire list. The number that is shown in the entire list section is the total number of HTTP evaluations that extension currently has within the last 10 days. If the extension doesn't have any evaluation for the currently visited website, it will display the purging option as disabled.

  2. What's new in this version?

    Please check the Logs section.

  3. Do I need to use the purging tools in the popup?

    To improve the performance, the extension only checks a hostname once per 10 days. If for any reason the evaluation is not accepted anymore, you can purge the hostname from the toolbar popup when the page is loaded. This way the extension will reevaluate this hostname once an HTTP page is loaded. You can also clear all the evaluation results by pressing the "purge all" link

  4. What is the meaning of the toolbar colors?

    The gray color is used when the extension is globally disabled. The gray icon plus the "d" badge text is used when the extension cannot switch to the HTTPS communication for the current tab for some reason. To get more info, place your mouse over the toolbar button. The green color is shown when there is a successful HTTP to HTTPS conversion (not at the server level, but at extension level). The blue color means the extension doesn't interact with this current page loading.

  5. How can I remove this page from the exception list (not being redirected to HTTPS protocol)?

    Generally, a page is not being redirected to the HTTPS protocol due to a matching rule or when there is an error response from the server. The rule might be a hostname matching rule or regular expression matching rule. When the toolbar is gray, open the toolbar popup and if a rule is matched, then its option is checked. By unchecking the option the rule gets deleted from the storage. Note that if both regular expression and hostname matching rules are checked, it means that both rules are applied at the same time. To remove the hostname from the exception list no matching rule must be present.

Matched Content


Please keep reviews clean, avoid the use of improper language and do not post any personal information.
  • <a> Defines an anchor.

    Example: <a href="">a sample link</a>

  • <pre><code> Syntax Highlighting (Supported languages: Bash, JSON, HTML, JavaScript, and CSS).

    Example: <pre><code class="javascript">var foo = 'bar';</code></pre>

  • <strong> Defines bold text
  • <blockquote> Defines a long quotation
  • <caption> Defines a table caption
  • <cite> Defines a citation
  • <em> Defines italic text
  • <p> Defines a paragraph
  • <span> Defines a section in a document
  • <s> Defines strikethrough text
  • <strike> Defines strikethrough text
  • <u> Defines underlined text
  • <br> Defines a single line break; can be used alone and don't need an ending tag

What's new in this version

Change Logs:
    Last 10 commits on GitHub
    Hover over a node to see more details

    Need help?

    If you have questions about the extension, or ideas on how to improve it, please post them on the  support site. Don't forget to search through the bug reports first as most likely your question/bug report has already been reported or there is a workaround posted for it.

    Open IssuesIssuesForks

    Permissions are explained

    storageto save internal preferences such as enabling and disabling state
    *://*/*http://*/* permission is used to observe HTTP requests. https://*/* is used to evaluate secure communication availability
    webNavigationto get notified when a top-level HTTP request is about to commit

    Recent Blog Posts on