Web sites shouldn't use the unsafe-url policy, as this can induce HTTPS URLs to become uncovered within the wire around an HTTP connection, which defeats one of the critical privacy and protection ensures of HTTPS. CIDR relies on the concept that IP addresses is usually allocated and routed dependent on http://XXX
