[tor-bugs] #8666 [EFF-HTTPS Everywhere]: Disable Hellebaard because of mismatching with MJOPR
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 9 06:19:49 UTC 2013
#8666: Disable Hellebaard because of mismatching with MJOPR
----------------------------------+-----------------------------------------
Reporter: pander | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version: HTTPS-E 3.1.4
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Please disable HTTPS Everywhere for hellebaard.nl and *.hellebaard.nl.
The domainname has the same IP address as mjopr.nl which has an HTTPS
running but these two sites have absolutely nothing in common.
Going to (http://)hellebaard.nl in your browser will redirect you to
(https://)mjopr.nl.
(Eventually one will arrive at http://mjopr.nl (non-secure) because of
configuration of mjopr.nl. This has noting to do with HTTPS Everywhere but
I should notice it when you test it.)
If I go to hellebaard.nl and get forwarded to mjopr.nl, this will only
happen the first time. When I re-enter hellebaard.nl, I will stay there.
In order to prevent confusion and mismatching and having customers
arriving at the wrong site, please add a mismatch rule for Hellebaard so
that all going to hellebaard.nl and *.hellebaard.nl stay at Hellebaard
(and not go to MJOPR).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8666>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list