https-everywhere "encrypt all sites eligible" has compatibility issues with .securedrop.tor.onion names

When I turn on the "encrypt all sites eligible" feature in my Tor Browser's https everywhere, and then I visit lucyparsonslabs.securedrop.tor.onion (found by reading https://securedrop.org/news/introducing-onion-names-securedrop/) my https-everywhere pops up an "omg this is insecure" warning for the url "http://qn4qfeeslglmwxgb.onion/".

That's weird because I would have thought Tor Browser would special-case the .onion address. Maybe the .tor.onion syntax is throwing it off? Or maybe the rewrite to x.onion is happening at the wrong time compared to when https everywhere does its check?