Force-TLS Version History
Be careful with old versions!
These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.
Force-TLS no longer supports old versions of Firefox. If you want to use it in old versions, 3.0.2 is the last Force-TLS version you can use.
This version removes a whole lot of code made unnecessary by Firefox 4 (and later), and provides a few new features:
- Better UI discovery (specifically in Windows and pre-release versions of Firefox)
- Settings import/export
- Misc bug fixes
Fixed some bugs that caused UI and the nsIStrictTransportSecurityService data backend (Fx 4.0+) to be out of sync. These bugs were introduced around Firefox 14 when it shipped the HSTS preload list (and changed some of the use of the permissions DB). Also fixed a bug causing errors in sorting the forced sites list.
Fixed a bug where users of Firefox 12+ can't remove sites from the Force-TLS list.
New in version 3.0.0:
- Firefox 4 support!
- Fixed some UI errors
- Re-enabled the "preferences" button in the addons manager window
Firefox 4 has a feature called HTTP Strict-Transport-Security (HSTS), that does most of the work for Force-TLS. If you use Force-TLS on Firefox 4 or later, the add-on will use the built-in (more robust) HTTPS forcing functions of HSTS, but you'll get the same UI as all other users of Force-TLS.
This major update to force TLS features a new configuration dialog, including a UI to view which sites are currently 'forced', as well as the ability to clear one or all of the sites in the database. There are various minor bug fixes, but the UI improvement is pretty major.
- Configuration dialog (in the Tools menu) that provides a UI for adding and removing rules. No more cryptic about:config preferences are needed for adding your own forced sites!
- Automatic migration of hard-coded rules from version 1.0.*: when this addon is installed, it'll automatically copy all the hard-coded sites (inserted via about:config prefs) into the new storage system.
- Support for the "Strict-Transport-Security" header (an upcoming standard).
- A "always access content from this site securely" option in the Page Info / Permissions panel.
This version fixes a bug that caused some AJAX-based sites to stop working when ForceTLS is installed. It also plays nicely with private browsing mode, not saving any new data to disk while the user is in private mode.
Fixed hard-coded entries so they're "upgraded" to https properly, and improved debugging messages.
This version fixes some conflicts with other add-ons involving the HTTP protocol handler. In general, this version should play nicer with other add-ons.