Let the browser upgrade subcontent

[Madis0]

Unlike HTTPS Everywhere, this extension doesn't take care of sub-requests triggered from HTTP-only sites. For now, it outright ignores those requests, because using the same approach with those (retrying on error) is very complicated and has significant drawbacks.

What about adding an option to use the Upgrade-Insecure-Requests header, similar to Smart HTTPS? That way the browser would handle everything properly, without needing the extension to redirect links back and forth.

There is also a flag security.mixed_content.upgrade_display_content but I think it is not exposed to extensions just yet. Bug 1435733

[claustromaniac]

I've done some more research and tested a number of things locally, and I'm sorry to say there's apparently no way for me to add this without breaking other very important extensions (like content blockers). I better wait for bug 1462989 to get solved before trying to do anything about this. Unfortunately, that can take years (literally)...