Https-everywhere: Chrome on Windows disables non-web store HTTPS Everywhere on restart

Created on 13 Dec 2014 · 15Comments · Source: EFForg/https-everywhere

Steps to reproduce:

In Chrome on Windows, install HTTPS Everywhere directly from EFF (download the .crx, drag and drop into Extensions page).
Restart Chrome.

Expected result:

HTTPS Everywhere stays installed.

Actual result:

On next startup, a notice appears in the upper right saying "Unsupported extensions disabled. To make Chrome safer, we disabled some extensions that aren't listed in the Chrome Web Store and may have been added without your knowledge.

HTTPS Everywhere"

On the Extensions page, HTTPS Everywhere is greyed out, disabled, and the checkbox to re-enable it is greyed out. Enabling developer mode doesn't fix it, nor does dragging in the .crx again. Deleting the extension and dragging back in the .crx works until the next restart.

We should ask Google about this.

chrome

Source

jsha

Most helpful comment

i found HTTPS Everywhere 2016.9.1 corrupted in google chrome version
capture-20160904-022436

ghost on 3 Sep 2016

👍2

All 15 comments

Chrome no longer allows any outside of webstore extensions, due to lots of malware abuse.

You can sorta keep them enabled by turning on Developer Mode (you need to actually _use_ the features of developer mode -- otherwise chrome will warn you & disable developer mode). You can also install them via a Win. GPO.

semenko on 13 Dec 2014

See: http://blog.chromium.org/2013/11/protecting-windows-users-from-malicious.html

There are some alternatives, though none seem applicable here: https://developer.chrome.com/extensions/external_extensions

semenko on 13 Dec 2014

Thank you for the tip I appreciate the info.

Date: Sat, 13 Dec 2014 09:11:06 -0800
From: [email protected]
To: [email protected]
Subject: Re: [https-everywhere] Chrome on Windows disables non-web store HTTPS Everywhere on restart (#819)

See: http://blog.chromium.org/2013/11/protecting-windows-users-from-malicious.html

There are some alternatives, though none seem applicable here: https://developer.chrome.com/extensions/external_extensions

—
Reply to this email directly or view it on GitHub.

alguar on 13 Dec 2014

There are two options to workaround this.

One is extracting the CRX to a new folder in the computer and use programing mode to load the extension from the folder.

Another one is, the one I use for archival purposes, download the CRX from Chrome webstore using "Give me CRX": https://chrome.google.com/webstore/detail/give-me-crx/acpimoebmfjpfnbhjgdgiacjfebmmmci

Apparently there is some method of certificate authentication in CRX files and those downloaded from eff's website mismatch the copies at google's servers.

Regards,
NewEraCracker

NewEraCracker on 1 Jan 2015

Closing this since ~unfixable -- Google has worked hard to block non-webstore installed extensions due to malware.

semenko on 26 Mar 2015

Hi jsha,
Hi Semenko,
https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp

Version: 2016.4.4
Updated: April 4, 2016

Should do just fine! :+1:

I hope this helps. :-)

McKinleyGroup on 12 Apr 2016

👍1

But can't access Google domain in China:(

buaabyl on 21 Jul 2016

i found HTTPS Everywhere 2016.9.1 corrupted in google chrome version
capture-20160904-022436

ghost on 3 Sep 2016

👍2

@ChamZank - I found a workaround for this latest issue. With the extension installed, go to the Chrome Webstore page for HTTPS Everywhere. There will be prompt saying that "This extension has been disabled in Chrome" with a button to enable it. Enable it from there and it should work.