Basically, when the site was first designed it was not intended that SSL connections would be used for ordinary page views, only for stuff like managing your account, editing hub entries, etc. Common wisdom on the Internet has changed since then, but it'll need a bit of a redesign on my part to make it possible to view the www subdomain via HTTPS.
I've had reports of several types of issues from users who use the HTTPS Everywhere plugin, but the main ones are:
- User tries to post to the forums, but it kicks them out to a different page and never makes the post, as if they're not logged in. This is because they are not in fact logged in on the regular site, because of HTTPS Everywhere.
- User tries to do an account reset, but never receives the email. The form that gets sent via POST request goes to the regular site, not the secure site. (This is okay because there's no secure info in the form.) The plugin apparently chokes when trying to redirect POST requests.
Please also note: The webclient will not work AT ALL with HTTPS Everywhere. This is because the connection it makes to an individual game server uses ordinary HTTP and websocket connections, not secure ones, so browsers will simply throw mixed-content errors instead.