[tor-bugs] #21839 [HTTPS Everywhere/EFF-HTTPS Everywhere]: "Amazon.in (partial)" is partially broken
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Mar 31 11:14:26 UTC 2017
#21839: "Amazon.in (partial)" is partially broken
-------------------------------------------------------+------------------
Reporter: cypherpunks | Owner: jsha
Type: defect | Status: new
Priority: Medium | Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------------------------------+------------------
Example page:-
http://www.amazon.in/dp/B00W0VBOH0/ref=twister_dp_update?_encoding=UTF8&psc=1
When trying to select sizes or colors, the page fails to update with https
everywhere enabled on firefox.
This is due to this xhr request being clobbered by jquery/cors.
For some reason the request method switches to OPTIONS instead of GET when
the below xhr request is upgraded from http to https.
https://www.amazon.in/gp/twister/ajaxv2?sid=
The amazon server responds with a 405 for an OPTIONS request.
Need to add this exclusion pattern.
<exclusion pattern="^www.amazon.in/gp/twister/ajaxv2*" />
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21839>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list