What language?
No POST requests will stop a lot of forms. HEAD is an easy case, but
largely unused.
That probably covers it. If you change HTTP/1.1 to HTTP/1.0 on the
requests, then 1% of servers will have issues and 50% fewer servers will
send chunked requests. (Numbers made up, based on my experiences.) You
can also drop Accept-Encoding: if you want to avoid dealing with
compressed responses.
Yup, that works in my experience, too.
No accept-encoding header == no compression.
You can fix that with whitespace padding.

<img src="Loading Image..." ...>
<img src="//qaz.wtf/tmp/chree.png" ...>

Beware of parsing issues. Real world HTML usually looks like one of the
first two but may sometimes look like one of second two of these:

<img src="https://qaz.wtf/tmp/chree.png" ...>
<img src='https://qaz.wtf/tmp/chree.png' ...>
<img src=https://qaz.wtf/tmp/chree.png ...>
<img src = "https://qaz.wtf/tmp/chree.png" ...>

(And that's ignoring case.)
Hahaha. There are so many different ways it is done in the real world.
Are you going to fix Referer: headers to use the https: version when
communicating with an https site? I think you probably should.

Elijah
------
only forces https on his site for the areas that require login

Sounds like a great start. I'm looking forward to trying it out.

It took much longer (of course), and the code has by now expanded
about threefold. The HTTP/1 support is much improved, however;
for instance, request bodies and chunked coding should now be
fully supported. Moreover, the relevant code was split off into
a separate HTTP1::MessageStream push-mode parser module (or about
a third of the overall code currently), allowing it to be used
in other applications.

The no-https.perl code proper still needs some clean-up after
all the modifications it got.

The command-line interface is about as follows. (Not all the
options are as of yet thoroughly tested, though.)

Usage:
$ no-https
[-d|--[no-]debug] [--listen=BIND|-l BIND] [--mangle=MANGLE]
[--connect=COMMAND] [--ssl-connect=COMMAND]
$ no-https {-h|--help}

BIND is either [HOST:]PORT or, if includes a /, a file name for a
Unix socket to create and listen on. The default is 8080.

COMMAND will have %%, %h, %p replaced with a literal %, target host
and TCP port, respectively. Also, %s and %t are replaced respectively
with a space and a TAB.

MANGLE can be minimal, header, or a name of an App::NoHTTPS::Mangle::
package to require and use. If not specified, default is tried
first, falling back to (internally-implemented) header.

The --connect= and --ssl-connect= should make it possible to
utilize a parent proxy, including a SOCKS one, such as that
provided by Tor, like: --connect="socat STDIO
SOCKS4:localhost:%h:%p,socksport=9050". For --ssl-connect=,
a tsocks(1)-wrapped gnutls-cli(1) may be an option.
RFC 7230 section 3.3 actually provides simple criteria for
determining whether the request has a body:

The presence of a message body in a request is signaled by a
Content-Length or Transfer-Encoding header field. Request message
framing is independent of method semantics, even if the method does
not define any use for a message body.

As such, and given that message passing was "symmetrized," any
request method except CONNECT is now allowed by the code.
Preceded by the request line, obviously. (It was considered
a part of the header in the original version of the code.)
(Same here, for the status line.)

We also pass any number of "100 Continue" messages here from
server to client before the "payload" response.
A Host: header is prepended to the request header if the
original has none.
Both the decision whether to "eat up" the redirect and how to
alter the header and body of the messages (requests and responses
alike) are left to the "mangler" object. The object is ought to
implement the following methods.

$ma->message_mangler (PARSER, URI)
Return a new mangler object for the given HTTP1::MessageStream
parser state (either request or response) and request URI.

Alternatively, return an URI of the resource to transparently
request instead of the given one.

Return undef if this mangler has nothing to do with the
given parser state and URI.

$ma->parser ([PARSER]), $ma->uri ([URI]),
$ma->start_line ([START-LINE]), $ma->header ([HEADER])
Get or set the HTTP1::MessageStream object, URI, HTTP/1
start line and HTTP/1 header, respectively, associated with
the particular request.

$ma->chunked_p ()
Return a true value if the body is ought to be transmitted
to the remote using chunked coding. (The associated header
is set up accordingly.)

$ma->get_mangled_body_part ()
Return the next part of the (possibly modified) HTTP/1
message body. This will typically involve a call to the
parser object to interpret the portion of the message
currently in its own buffer.

There're currently two such classes implemented: "minimal" and
"header," and I believe that the above interface can be used to
implement rather arbitrary HTTP message filters.

The "minimal" class removes Upgrade and Proxy-Connection headers
from the messages (requests and responses alike) and causes the
calling code to transparently replace all the https: redirects
with requested resources.

The "header" class also filters Strict-Transport-Security and
Set-Cookie off the responses. (Although the former should have
no effect anyway.)

There's a minor issue with the handling of https: redirects.
When http://example.com/ redirects to https://example.com/foo/bar,
for instance, the links in the latter document will become
relative to the former URI (unless the 'base' URI is explicitly
given in the document); thus <a href="baz" /> will point to
/baz -- instead of the intended /foo/baz. A likely solution
is to only eat up http:SAME to https:SAME redirects, rewriting
http:SOME to https:OTHER instead to point to http:OTHER (which
will then likely result in a redirect to https:OTHER, in turn
eaten up by the mangler.)
Both the chunked coding and client-to-server body passing are
now ought to be supported (although POST requests remain untested.)
[...]