[tsavola]

Always having https removes the need to consider the security implications of unencrypted transport on case-by-case basis.

I have been using HTTPS Everywhere extension and currently Firefox's HTTPS-Only feature in strict mode for a long time. Nowadays few links fail to work for me, so the failing ones stand out.

[chrismorgan]

Me too. Out of curiosity, I also added a user style sheet (via Stylus) to mark HTTP links:

  :where(:link[href^="http:"])::after {
    content: " [http]";
    color: red;
    text-decoration: none;
  }

(I use the :where(…) wrapping so that any site actually trying to use :link::after for real stuff can override my styles without specificity conflicts.)

It’s interesting especially to see how often https: sites have http: links to their own domain, which are just going to get redirected back to the https:. (The HN footer has the “Legal” and “Apply to YC” links being to http://www.ycombinator.com/* for no good reason, a very similar case.)

And how horribly many emails use http: tracking links, and how painfully many of those domains don’t speak HTTPS.

HN’s front page normally has 0–2 out of 30 of the links being HTTP, almost always old domains. It’s fairly rare for a new site to go plain HTTP.

[dolmen]

Great trick.