HTTPS Everywhere for Chrome
I understand that Chrome doesn't yet have the necessary API to make this completely secure (in particular, bug 50943 means that you can't stop the first request to an insecure page) but there's much else to be done:
-
Set up the repository so the rulesets can be read by Firefox and Chrome extension code
-
After loading an insecure page immediately redirect to the secure version so that relative links and future requests are done securely
-
Use the beforeload/preventDefault API to prevent/rewrite insecure subrequests (e.g. Chrome Disconnect) (webkit docs)
I understand that this doesn't provide the full security benefits of Firefox HTTPS Everywhere, but I think it would a) provide a clear improvement in security to those who understand the risks, b) make it easy to provide the full security benefits as soon as the necessary APIs have landed. It may also increase the pressure to finish those APIs.