[tor-bugs] #12973 [EFF-HTTPS Everywhere]: Expedia broken
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 27 21:56:41 UTC 2014
#12973: Expedia broken
--------------------------------------+---------------------------
Reporter: cypherpunks | Owner: zyan
Type: defect | Status: new
Priority: normal | Milestone: HTTPS-E 3.2.3
Component: EFF-HTTPS Everywhere | Version: HTTPS-E 3.4.3
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
--------------------------------------+---------------------------
Comment (by cypherpunks):
I have found that: "... Clockwise Red Arrow: broken rule -- the ruleset is
active but the server is redirecting at least some URLs back from HTTPS to
HTTP...."
Thus the access of expedia.com is already demonstrating the existing rule
has a problem. It is printed below. I do now have the necessary ability
to troubleshoot or correct it. All I say is that it breaks the site and
turning off fixes. Any thoughts or comments? Can anybody replicate my
issue? (Reproduced on multiple machines as well by me.)
====================
<ruleset name="Expedia">
<target host="expedia.com" />
<target host="*.expedia.com" />
<target host="expedia.co.uk" />
<target host="*.expedia.co.uk" />
<securecookie host="^\.expedia\.co(?:om|\.uk)$" name=".+" />
<!-- Cert only matches *.expedia.com.
-->
<rule from="^https?://(?:www\.)?expedia\.com/"
to="https://www.expedia.com/" />
<rule from="^http://media\.expedia\.com/"
to="https://media.expedia.com/" />
<rule from="^http://(www\.)?expedia\.co\.uk/"
to="https://$1expedia.co.uk/" />
</ruleset>
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12973#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list