Guarding against network injection by rejecting all cleartext

After reading the recent Citizen Labs report Schrodinger’s Cat Video and the Death of Clear-Text, I’ve been infused with a fresh dose of healthy paranoia. I’ve decided I don’t want to pull down any clear-text into my web browser.

I’m well aware that Dragon offers the ability to force HTTPS on selected domains, however this is cumbersome and does not protect me with a default deny stance.

I would like to configure Dragon to refuse any and all clear-text whatsoever. I realize this will break a large number of web sites.

Has anyone figured out a way to do it?