[tor-bugs] #10576 [EFF-HTTPS Everywhere]: Updated ruleset partially breaks stackexchange even with mixed content rule disabled

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jan 7 03:49:10 UTC 2014 

#10576: Updated ruleset partially breaks stackexchange even with mixed content rule
disabled
-------------------------------------------------+-------------------------
 Reporter:  cfr                                  |          Owner:  pde
     Type:  defect                               |         Status:  new
 Priority:  major                                |      Milestone:
Component:  EFF-HTTPS Everywhere                 |        Version:
 Keywords:  3.4.5 ruleset breaks stack exchange  |  Actual Points:
  sites                                          |         Points:
Parent ID:                                       |
-------------------------------------------------+-------------------------
 HTTPS Everywhere (Firefox Extension)
 Version: 3.4.5
 Firefox: 26.0 64 bit build for GNU/Linux (Mozilla's own build)

 Relevant rules:
 - Stack Exchange (partial) is enabled
 - Google APIs is enabled
 - Stack Exchange (mixed content) is disabled
 - Quantcast is disabled

 I can view some Stack Exchange sites partially but on others I get a
 Firefox "get me out of here" warning. All sites worked fine until I
 restarted Firefox. Firefox was not updated, though - only HTTPS
 Everywhere. Based on https://meta.stackoverflow.com/questions/214968/cant-
 login-with-stack-exchange-openid-when-https-everywhere-plugin-is-active I
 would have assumed this is a known issue to do with mixed content but the
 only tickets I could find were closed as fixed and, moreover, I have the
 mixed content rule disabled already.

 Examples:

 https://tex.stackexchange.com/questions/152756/logic-tree-with-tikz-tree-
 placing-nodes-on-specific-places:
  I can view this page but I cannot view the images inline. I see the
 alternative text description. If I open the image as a page-in-itself, I
 can view it fine.

 https://meta.tex.stackexchange.com/: If I try to visit this page, I get a
 warning dialogue. (Translated) the title is "No trust for this connection"
 (sorry - I guess that's not the exact English equivalent). For
 clarification, it starts (roughly) "You have asked Firefox to connect
 securely to meta.tex.stackexchange.com, but we cannot confirm that the
 connection is secure. As a rule..." etc.

 I am guessing this is an HTTPS Everywhere issue but, if not, please let me
 know if you know where I should report it instead.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10576>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list