Internet websites mustn't use the unsafe-url policy, as this could result in HTTPS URLs being uncovered about the wire over an HTTP connection, which defeats on the list of vital privateness and security ensures of HTTPS. SSL/TLS is very suited for HTTP, since it can offer some safety regardless of http://XXX
