Merlin
HTTPS by default

HTTPS by default

Request websites over secure https by default from the location bar instead of insecure http.

What is HTTPS by default?
"HTTPS by Default" is a Firefox add-on that enhances your internet security. It works by initiating all web requests via a secure HTTPS protocol instead of an insecure HTTP, ensuring a safer web browsing experience. This user-friendly tool, combining security with convenience, allows exceptions to be made for specific sites, making your online browsing customizable while still maintaining a high level of protection.
Download
Merlin
Stats
By: Rob W
Users: 767 ▲ 18
Rating: 5.00 (9)
Version: 0.4.6resigned1 (Last updated: 2024-04-25)
Creation date: 2015-04-25
Weekly download count: 43
Firefox on Android: Yes
Risk impact: High risk impact
Risk likelihood: Moderate risk likelihood
Manifest version: 2
Permissions:
  • storage
  • tabs
  • webNavigation
  • webRequest
  • webRequestBlocking
  • *://*/*
Size: 14.74K
URLs: Website
Stats date:

Chrome-Stats Rank

# 3679 ▲ 19
Other rankings
#9 in default search keyword 30 #82 in request keyword 13 ▼ 2 #141 in location keyword 28 ▲ 2 #184 in secure keyword 54 ▲ 5 #194 in security keyword 49 ▲ 4

Other platforms

Not available on Chrome
Not available on Edge
Want to check extension ranking and stats more quickly for other Firefox add-ons? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Firefox Browser Add-ons.
Chrome-Stats extension
Merlin
Summary
Analyze keywords

When you request "example.com" from the location bar, Firefox will attempt to load http://example.com over an insecure connection by default. Those who want to load the site over a secure connection have to manually put "https://" in front of the URL. Because it is easier to not type "https://", most websites are accessed over an insecure connection.

After installing this add-on, websites will be requested over https. You have to explicitly type "http://" to get the insecure version of the website. As of version 0.4, navigations from the location bar will always use HTTPS (except for localhost, IP addresses and dotless domains). Visit the preference page to add an exception if you don't want to use HTTPS by default for a specific site.

Firefox removes the "http://" prefix by default in the location bar. If you click on the location bar and press Enter, then you will request the https version of the website if you are currently viewing a http-website. If you want to preserve http, either put "http://" in front of the URL, or visit about:config and set browser.urlbar.trimURLs to false to prevent the "http://" prefix from being stripped in the first place.

This add-on is part of the HTTPS by default project, at https://github.com/Rob--W/https-by-default.

User reviews
by Martin J… D…, 2023-12-16
View all user reviews
Safety
Risk impact

HTTPS by default is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this add-on. Review carefully before installing. We recommend that you only install HTTPS by default if you trust the publisher.

Risk likelihood

HTTPS by default is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this add-on.

Upgrade to see risk analysis details
Screenshots
HTTPS by default