Download all filters over HTTPS

[smarek]

Hi,

thank you for this very good extension.
I noticed, some of the filters are not downloaded over HTTPS, which could be easily intercepted and could be used in fuzzing attack against extension/client/browser and/or could be replaced MITM with invalid/empty list.

Could you please verify and confirm that these filters, those downloaded through 80 (such as pgl.yoyo.org, fanboy.co.nz, malwaredomainlist.com or http://someonewhocares.org/) are somehow verified through transmission/usage? If not, could you please make change to extension, that would disallow globally downloading over non-secured HTTP (or at least mark them up in extension Dashboard->3-rd party filters, as insecure) ?

[chrisaljoudi]

Hi @smarek!

somehow verified through transmission/usage

Since those are third-party filters (not maintained by uBlock), I can't think of a reasonable way to do this.

mark them up

Sure; done. d19e07b.

[smarek]

Cool, thank you!
Also I think there should be some information about what the lock means, to not confuse the users.
Maybe on mouse hover over the lock?

[chrisaljoudi]

@smarek there is. Did you try hovering the lock? :D

[ghost]

Edit: n/m misunderstood what the symbol represents

[gwarser]

I think this behavior should be inverted - show lock with warning sign (or behind no/slash sign) for not secure links. Secure links should be seen as standard, without special meaning.