[tor-bugs] #8584 [EFF-HTTPS Everywhere]: Chrome - Apple Support site broken (mixed content)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 18 23:41:17 UTC 2013
#8584: Chrome - Apple Support site broken (mixed content)
----------------------------------+-----------------------------------------
Reporter: alphawolf | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone: HTTPS-E Chrome 2013.4.1x
Component: EFF-HTTPS Everywhere | Version: HTTPS-E chrome 2013.3.7
Keywords: httpse-ruleset-bug | Parent: #6975
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Changes (by pde):
* cc: MB (added)
* milestone: => HTTPS-E Chrome 2013.4.1x
Comment:
Flagging this ruleset as platform="mixedcontent" would disable HTTPS
Everywhere protection for Apple.com completely on Chrome, which I think is
rather drastic. I'm going to make an Apple (mixedcontent) ruleset, move
the support.apple.com site in there, and have it flagged to be disabled on
Chrome (and Firefox 23+). MB, this might be an appropriate approach to
take for large/important sites with corners that have mixedcontent
problems.
We also need someone at Apple to start working on the problem of
eradicating mixed content when people land on the site via https. I'll
send their security team to this ticket.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8584#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list