/https-everywhere

New issue

Chrome on Windows disables non-web store HTTPS Everywhere on restart #819

Closed
jsha opened this Issue Dec 13, 2014 · 10 comments

Labels

chrome

Milestone

No milestone

Assignees

No one assigned

9 participants

@jsha @semenko @alguar @NewEraCracker @McKinleyGroup @buaabyl @ChamZank @nikw92 @2d1
@jsha
Electronic Frontier Foundation member
jsha commented Dec 13, 2014

Steps to reproduce:

  1. In Chrome on Windows, install HTTPS Everywhere directly from EFF (download the .crx, drag and drop into Extensions page).
  2. Restart Chrome.

Expected result:

HTTPS Everywhere stays installed.

Actual result:

On next startup, a notice appears in the upper right saying "Unsupported extensions disabled. To make Chrome safer, we disabled some extensions that aren't listed in the Chrome Web Store and may have been added without your knowledge.

  • HTTPS Everywhere"

On the Extensions page, HTTPS Everywhere is greyed out, disabled, and the checkbox to re-enable it is greyed out. Enabling developer mode doesn't fix it, nor does dragging in the .crx again. Deleting the extension and dragging back in the .crx works until the next restart.

We should ask Google about this.

@semenko
semenko commented Dec 13, 2014

Chrome no longer allows any outside of webstore extensions, due to lots of malware abuse.

You can sorta keep them enabled by turning on Developer Mode (you need to actually use the features of developer mode -- otherwise chrome will warn you & disable developer mode). You can also install them via a Win. GPO.

@semenko
semenko commented Dec 13, 2014

See: https://blog.chromium.org/2013/11/protecting-windows-users-from-malicious.html

There are some alternatives, though none seem applicable here: https://developer.chrome.com/extensions/external_extensions

@alguar
alguar commented Dec 13, 2014
@2d1 2d1 added the chrome label Dec 15, 2014
@NewEraCracker
NewEraCracker commented Jan 1, 2015

There are two options to workaround this.

One is extracting the CRX to a new folder in the computer and use programing mode to load the extension from the folder.

Another one is, the one I use for archival purposes, download the CRX from Chrome webstore using "Give me CRX": https://chrome.google.com/webstore/detail/give-me-crx/acpimoebmfjpfnbhjgdgiacjfebmmmci

Apparently there is some method of certificate authentication in CRX files and those downloaded from eff's website mismatch the copies at google's servers.

Regards,
NewEraCracker

@semenko
semenko commented Mar 26, 2015

Closing this since ~unfixable -- Google has worked hard to block non-webstore installed extensions due to malware.

@semenko semenko closed this Mar 26, 2015
@McKinleyGroup
McKinleyGroup commented Apr 12, 2016

Hi jsha,
Hi Semenko,
https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp

Version: 2016.4.4
Updated: April 4, 2016

Should do just fine! 👍

I hope this helps. :-)

@buaabyl
buaabyl commented Jul 21, 2016

But can't access Google domain in China:(

@ChamZank
ChamZank commented Sep 3, 2016

i found HTTPS Everywhere 2016.9.1 corrupted in google chrome version
capture-20160904-022436

@nikw92
nikw92 commented Sep 5, 2016

@ChamZank - I found a workaround for this latest issue. With the extension installed, go to the Chrome Webstore page for HTTPS Everywhere. There will be prompt saying that "This extension has been disabled in Chrome" with a button to enable it. Enable it from there and it should work.

@ChamZank
ChamZank commented Sep 5, 2016

not work..

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment