[tor-bugs] #12847 [HTTPS Everywhere: Chrome]: cdn rules for bigcommerce.com
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Aug 12 08:20:07 UTC 2014
#12847: cdn rules for bigcommerce.com
--------------------------------------+----------------------------------
Reporter: cypherpunks | Owner: zyan
Type: defect | Status: new
Priority: normal | Milestone:
Component: HTTPS Everywhere: Chrome | Version: HTTPS-E 4.0dev14
Keywords: https everywhere rules | Actual Points:
Parent ID: | Points:
--------------------------------------+----------------------------------
bigcommerce CDN names extend past cdn[12] and include:
cdn.bigcommerce.com
cdn1.bigcommerce.com
cdn2.bigcommerce.com
cdn3.bigcommerce.com
cdn4.bigcommerce.com
and more. A more appropriate match would be:
^cdn\d*\.bigcommerce\.com$
Leaking of bigcommerce.com CDN URLs can result very detailed tracking of
items people are looking to buy, purchases etc for any stores run by them.
This seems to be the case even for stores that use bigcommerce.com but
that use their own domain name.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12847>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list