Warn Insecure Redirection

Warn Insecure Redirection插件简介

Warn Insecure Redirection插件描述

If you visit a link that appears to simply be a redirection link  that link is not loaded over HTTPS, it will expose the redirection link to potential snoopers.

F example, if you visit:

http://www.example.com/redirect?goto=https://www.paypal.me/ashleymadison/100USD

Notice the HTTP in "http://www.example.com" means it is insecure.

Since example.com is NOT loaded over HTTPS, everyone on the Internet will know that you intend to visit the Paypal website to send money to Ashley Madison. Even though the Paypal website will be loaded over HTTPS, your intention will already be exposed by visiting example.com over an insecure connection.

This extension will catch these potential problems  give you the option to:

1. Try loading example.com over HTTPS
2. Visit Paypal directly over HTTPS
3. Continue with the insecure link

This extension will also "ping" the root page ("/") at example.com over HTTPS to see if it is accessible  if so, will automatically navigate to the example.com page over HTTPS.

It will also "ping" the root page at paypal.me over HTTPS to determine if it is accessible  will add a tick  cross, so that you can decide whether you want to go directly to it.
                                

Warn Insecure Redirection插件离线安装方法

1.首先用户点击谷歌浏览器右上角的自定义及控制按钮，在下拉框中选择设置。

2.在打开的谷歌浏览器的扩展管理器最左侧选择扩展程序或直接输入：chrome://extensions/

3.找到自己已经下载好的Chrome离线安装文件xxx.crx，然后将其从资源管理器中拖动到Chrome的扩展管理界面中，这时候用户会发现在扩展管理器的中央部分中会多出一个”拖动以安装“的插件按钮。

4.下载 Warn Insecure RedirectionChrome插件v0.1.7版本到本地。

5.勾选开发者模式，点击加载已解压的扩展程序，将文件夹选择即可安装插件。

注意：最新版本的chrome浏览器直接拖放安装时会出现“程序包无效CRX-HEADER-INVALID”的报错信息，参照这篇文章即可解决