I completely concur with Ben on this one -- it's quite disconcerting to think that you're traffic is encypted since you're browsing using https only to look in the sabnzbd.log file to see that nzbdStatus has rewritten the fetching to use http instead.
For the time being, I can offer a fairly simple workaround that I can confirm works with nzbmatrix.com. I have not checked the effects of this modification (mod) with other index sites, so this may not work for other sites and may even break things. That said, this mod can be undo easily by simply uninstalling the mod'd extension and re-installing the offical one.
1. Download the latest official (non-Beta) extension file, which at present is nzbdstatus-1.0.15.1-fx.xpi.
2. Create a temporary folder and unzip the contents of the .xpi file there (xpi files are just zip files with a different extension).
3. Using your favorite text editor, modify the file chrome/content/sabnzbdstatus.js by simply replacing all occurances of http:// with https:// .
4. ZIp up the contents of the temporary folder into a new .xpi file (e.g., chrome/content/sabnzbdstatus.js). A lot of zip programs force a .zip extension, so, for example, zip to nzbdstatus-1.0.15.1-fx.xpi.zip and then just rename that file to nzbdstatus-1.0.15.1-fx.xpi.
5. If needed, uninstall any existing nzbdStatus extension within Firefox.
6. Install the mod'd extension from the mod'd .xpi file you made steps 2-4 (i.e., Firefox -> Add-Ons -> Install Add-On from File [seen by clicking the button to the left of the 'Search all add-ons' search box).
In a nutshell, all you're doing is changing http:// to https:// in one file and the making / installing a mod'd .xpi file. Easy as pie. :)
As already mentioned, this not work / break other index sites if that site doesn't support https equivalently as it supports http. That said, the relevant code in the sabnzbdstatus.js is easy to locate (just search for http:// or, if already mod'd, https://\) and further mod'ing for other sites to get them to work as securely as they can shouldn't be too difficult with beginner-immediate programming or javascript experience.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
4. ZIp up the contents of the temporary folder into a new .xpi file (e.g., nzbdstatus-1.0.15.1-fx.xpi). A lot ...
I wasn't careful enough with my copy and paste. :) Also, please excuse the numerous typos (e.g., you're instead of your, etc). I'm really tired at the moment. :)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I consider this now a major security issue and should force SSL whenever possible
I completely concur with Ben on this one -- it's quite disconcerting to think that you're traffic is encypted since you're browsing using https only to look in the sabnzbd.log file to see that nzbdStatus has rewritten the fetching to use http instead.
For the time being, I can offer a fairly simple workaround that I can confirm works with nzbmatrix.com. I have not checked the effects of this modification (mod) with other index sites, so this may not work for other sites and may even break things. That said, this mod can be undo easily by simply uninstalling the mod'd extension and re-installing the offical one.
1. Download the latest official (non-Beta) extension file, which at present is nzbdstatus-1.0.15.1-fx.xpi.
2. Create a temporary folder and unzip the contents of the .xpi file there (xpi files are just zip files with a different extension).
3. Using your favorite text editor, modify the file chrome/content/sabnzbdstatus.js by simply replacing all occurances of http:// with https:// .
4. ZIp up the contents of the temporary folder into a new .xpi file (e.g., chrome/content/sabnzbdstatus.js). A lot of zip programs force a .zip extension, so, for example, zip to nzbdstatus-1.0.15.1-fx.xpi.zip and then just rename that file to nzbdstatus-1.0.15.1-fx.xpi.
5. If needed, uninstall any existing nzbdStatus extension within Firefox.
6. Install the mod'd extension from the mod'd .xpi file you made steps 2-4 (i.e., Firefox -> Add-Ons -> Install Add-On from File [seen by clicking the button to the left of the 'Search all add-ons' search box).
In a nutshell, all you're doing is changing http:// to https:// in one file and the making / installing a mod'd .xpi file. Easy as pie. :)
As already mentioned, this not work / break other index sites if that site doesn't support https equivalently as it supports http. That said, the relevant code in the sabnzbdstatus.js is easy to locate (just search for http:// or, if already mod'd, https://\) and further mod'ing for other sites to get them to work as securely as they can shouldn't be too difficult with beginner-immediate programming or javascript experience.
Correction:
Step 4 should start rather as:
4. ZIp up the contents of the temporary folder into a new .xpi file (e.g., nzbdstatus-1.0.15.1-fx.xpi). A lot ...
I wasn't careful enough with my copy and paste. :) Also, please excuse the numerous typos (e.g., you're instead of your, etc). I'm really tired at the moment. :)