[tor-bugs] #10753 [EFF-HTTPS Everywhere]: Xfire rules are incorrect

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Mar 17 22:24:30 UTC 2014 

#10753: Xfire rules are incorrect
--------------------------------------+-------------------
     Reporter:  cypherpunks           |      Owner:  pde
         Type:  defect                |     Status:  new
     Priority:  major                 |  Milestone:
    Component:  EFF-HTTPS Everywhere  |    Version:
   Resolution:                        |   Keywords:  xfire
Actual Points:                        |  Parent ID:
       Points:                        |
--------------------------------------+-------------------
Description changed by zyan:

Old description:

> My name is Ben and I work at Xfire, Inc.
>
> We  request that Xfire.com is removed from the HTTP Everywhere project,
> as it is only causing trouble with our users.
>
> Reason 1: When attempting to go to our download link at media.xfire.com,
> users are redirected to the "secure-media" subdomain, which does not
> exist, resulting in an error page.
>
> Reason 2: Our subdomains have been changing frequently over the years.
> HTTPS Everywhere becomes an inconvenience because of this.
>
> Reason 3: We force HTTPS for logins and soon everywhere on our new
> website (currently beta.xfire.com). Forcing HTTPS on any other part of
> our website is currently producing 404-error pages.
>
> We appreciate your software and efforts to enhance security of the web,
> but Xfire isn't quite ready for HTTPS Everywhere's adoption. Please
> remove the rules for now, and we'll write in another ticket in the future
> when we're ready.
>
> For verification of legitimacy of this request, please contact me at ben
> (at) xfire {dot] -com\
>
> Thank you.

New description:

 My name is Ben and I work at Xfire, Inc.

 We  request that Xfire.com is removed from the HTTP Everywhere project, as
 it is only causing trouble with our users.

 Reason 1: When attempting to go to our download link at media.xfire.com,
 users are redirected to the "secure-media" subdomain, which does not
 exist, resulting in an error page.

 Reason 2: Our subdomains have been changing frequently over the years.
 HTTPS Everywhere becomes an inconvenience because of this.

 Reason 3: We force HTTPS for logins and soon everywhere on our new website
 (currently beta.xfire.com). Forcing HTTPS on any other part of our website
 is currently producing 404-error pages.

 We appreciate your software and efforts to enhance security of the web,
 but Xfire isn't quite ready for HTTPS Everywhere's adoption. Please remove
 the rules for now, and we'll write in another ticket in the future when
 we're ready.

 Thank you.

--

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10753#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list