I always keep it enabled and there are almost no sites that require exceptions except on corporate intranet.