CodeMirror/uMatrix
1
0
Fork 0
mirror of https://github.com/gorhill/uMatrix.git synced 2024-06-02 18:34:52 +12:00
Code Issues Releases Wiki Activity

Updated Per scope switches (markdown)

gorhill 2014-11-22 03:46:20 -08:00
parent 22a25b873c
commit 803f8e0c70
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Per-scope-switches.md

@ -42,6 +42,8 @@ First, if you are not familiar with what is "mixed content", here are some place
When the _"Strict HTTPS"_ switch is turned on, mixed content will be forbidden.
_"Strict HTTPS"_ is more then to just protect MITM attack. Without _"Strict HTTPS"_, data-mining by 3rd-parties can still occur, as evil ISPs like Verizon et al. could still inject tagging information in the HTTP headers of outgoing net requests which are not done through encrypted connections.
To witness _"Strict HTTPS"_ at work, visit the encrypted version of Wired's [Threat Post](https://threatpost.com/), which suffers (at time of writing, 2014-11) from mixed content:
![Mixed content foiled](https://raw.githubusercontent.com/gorhill/uMatrix/master/doc/img/strict-https-at-work.png)