[tor-bugs] #21690 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Sta.sh ruleset is enabled but not DeviantArt, causing mixed content warnings
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 8 16:45:58 UTC 2017
#21690: Sta.sh ruleset is enabled but not DeviantArt, causing mixed content
warnings
-------------------------------------------------+-------------------------
Reporter: cypherpunks | Owner: jsha
Type: defect | Status: new
Priority: Medium | Milestone:
Component: HTTPS Everywhere/EFF-HTTPS | Version:
Everywhere | Keywords: httpse-
Severity: Normal | ruleset-bug
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------------------------+-------------------------
If you visit an https stash page that is using generated deviant art
thumbnails, the thumbnails will fail to load as mixed content.
EG the following renders correct: http://sta.sh/0127ggexeju2
The following fails to render in both firefox and chrome:
https://sta.sh/0127ggexeju2
The https version looks like this: https://imgur.com/gC9Qias
Here is a paste of the errorcodes: http://pastebin.com/qjijAEbU
Sta.sh is enabled: https://www.eff.org/https-
everywhere/atlas/domains/sta.sh.html
But not DA: https://www.eff.org/https-
everywhere/atlas/domains/deviantart.com.html
The former should be disabled or the latter enabled
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21690>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list