[tor-bugs] #9489 [EFF-HTTPS Everywhere]: Twitch.tv websites broken

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Aug 14 17:19:55 UTC 2013


#9489: Twitch.tv websites broken
---------------------------------------------------------+------------------
 Reporter:  cypherpunks                                  |          Owner:  pde            
     Type:  defect                                       |         Status:  new            
 Priority:  critical                                     |      Milestone:  HTTPS-E 4.0dev9
Component:  EFF-HTTPS Everywhere                         |        Version:                 
 Keywords:  aurora, firefox, beta, twitch, blank, empty  |         Parent:                 
   Points:                                               |   Actualpoints:                 
---------------------------------------------------------+------------------
 On Aurora 25.0a2, HTTPS-Everywhere 4.0dev9 completely breaks all
 streamers' individual Twitch.tv sites and Twitch.tv's site in general.
 Nearly everything but the basic  site navigation shows up blank (no video
 player, no descriptions) and  the chat also doesn't work. Loaded from a
 third-party site such as  speedrunslive.com or teamliquid.org, the video
 player loads and works,  but the chat still doesn't work.

 Disabling the extension alleviates the problem and everything works as
 expected. This does not appear to be ruleset-related, as there  apparently
 are no rulesets for Twitch.tv. This has been reliably  reproducible on two
 PCs I possess and is, by my testing, definitely the  only extension
 responsible the problem. Firefox Beta 24.0b2 also does  not work, IE10,
 though, obviously does (meaning it's not necessarily  Twitch's fault). I
 am not sure which party is ultimately at fault here,  but given that
 Firefox otherwise works flawlessly without the extension,  I'm going to
 guess it's got to be something on HTTPS-Everywhere's side  that a recent
 change somewhere caused to break.

 Given the easily reproducible nature of the bug and the fact that
 Twitch.tv is pretty essential to many people, I'm going to mark this as
 critical. If I'd know whether this also affects both Firefox 23 and/or
 Chrome/Chromium, I'd possibly mark it as a blocker.

 This does not appear to be MCB-related and disabling the option in
 about:config doesn't fix the issue. It should be noted, though, that the
 above-mentioned sites load the video player via a normal HTTP connection.
 Go to an individual streamer's site, load a VOD and you'll see that Twitch
 also has SSL-enabled CDN URLs available (which work just as well as the
 HTTP ones if loaded directly). I am not sure whether Twitch even allows a
 live broadcast to use SSL, though, but due to the overhead I'm guessing
 not. Anyway, the VODs and streams themselves work fine if you use their
 direct URLs. Embedded into Twitch's site, though (and only Twitch's), they
 don't work anymore.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9489>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list