Upgrade Insecure Requests
Upgrade Insecure Requests is a mechanism that web pages instruct user agents to upgrade priori insecure resource requests to secure transports before fetching them.
This feature can make deploying HTTPS easier for websites.
Upgrade Insecure Requests is included in EdgeHTML 17 released yesterday (30/04/2018)
Per https://github.com/MicrosoftEdge/Status/pull/578, “upgrade-insecure-requests is In Development for EdgeHTML 17”
Why is Microsoft so behind with implementing upgrade-insecure-requests?
Usman Mohammad commented
This is really necessary
Matt Epstein commented
Outlook.com team would like to see this implemented.
Eric Mill commented
UIR is proving to be a major help to large sites with a diverse set of mixed content. WIRED wrote up their experience here:
And Apple has since shipped UIR in WebKit, as noted below. Edge support would make UIR a more viable way for sites like WIRED to migrate to HTTPS.
Support for upgrade-insecure-requests has landed in WebKit https://trac.webkit.org/changeset/201679
Too bad to see this feature is not implemented yet. :(
There's an open Safari feature request for this at https://bugs.webkit.org/show_bug.cgi?id=143653
Chrome shipped this in Chrome 43.
It’s landed in Firefox https://bugzilla.mozilla.org/show_bug.cgi?id=1139297 and will ship in Firefox 42.