[tor-bugs] #28383 [HTTPS Everywhere]: HTTPS Everywhere's exceptions persist

[Tor Bug Tracker & Wiki]

#28383: HTTPS Everywhere's exceptions persist
-----------------------+----------------------------------
 Reporter:  janbhez    |          Owner:  legind
     Type:  defect     |         Status:  new
 Priority:  Very High  |      Component:  HTTPS Everywhere
  Version:             |       Severity:  Critical
 Keywords:             |  Actual Points:
Parent ID:             |         Points:
 Reviewer:             |        Sponsor:
-----------------------+----------------------------------
 Using Tor it is recommended to try secure connections first. Unfortunately
 HTTPS Everywhere doesn't work this way by default: https://www.eff.org
 /https-everywhere/faq#why-use-a-whitelist-of-sites-that-support-https-why-
 cant-you-try-to-use-https-for-every-last-site-and-only-fall-back-to-http-
 if-it-isnt-available

 To try secure connections first, the user has to '''Disable all
 unencrypted requests'''. When HTTPS Everywhere is set to '''Disable all
 unencrypted requests''', [[span(style=background-color: #FFC8C8, the
 exceptions (the sites visited via HTTP) persist even after Tor Browser is
 closed.)]]

 When HTTPS Everywhere disabled on a site, '''Reset to Defaults''' is not
 available from the button. To clear the list the user has to open the
 '''about:addons''' page, select '''HTTPS Everywhere's options''' and
 remove sites 1-by-1 from the '''HTTPS Everywhere Sites Disabled''' list.
 There is no "clear all" button.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28383>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online