Since this commit: https://gitweb.torproject.org/https-everywhere.git/blobdiff/eb212b2e785b1760f976d2b7358a187f2adc82b1..445aa51a61fa2ec50998ac802c3d0c4261787929:/src/components/https-everywhere.js To close legacy/trac#3882 , we should run more tests to ensure that no HTTP requests are escaping redirection. We have done a bit of this without plugins, but we should also perform more and with plugins. Methodology: Run a wireshark capture with the BPF set to "port 80" (or a protocol-level equivalent?). Do a lot of browsing. Filter out the HTTP Request packets. See if any of them should have been rewritten.