[tor-bugs] #15763 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Need whitelist entry for www.fark.com and total.fark.com
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Mar 12 18:03:06 UTC 2018
#15763: Need whitelist entry for www.fark.com and total.fark.com
-------------------------------------+-------------------------------------
Reporter: bit0mike | Owner: (none)
Type: defect | Status: reopened
Priority: Medium | Milestone: HTTPS-E next Chrome
Component: HTTPS Everywhere/EFF- | release
HTTPS Everywhere | Version:
Severity: Blocker | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------+-------------------------------------
Comment (by bit0mike):
HTTPS domains would be all of the subjectAltNames in the www.fark.com
certificate, plus one we're planning to add later. So that'd be:
<target host="fark.com" /> <!-- redirects to www.fark.com -->
<target host="www.fark.com" />
<target host="app.fark.com" />
<target host="beerspill.fark.com" />
<target host="beta.fark.com" />
<target host="gw.fark.com" />
<target host="img.fark.net" />
<target host="imgbeta.fark.net" />
<target host="m.beta.fark.com" />
<target host="m.fark.com" />
<target host="m.total.fark.com" />
<target host="m.totalbeta.fark.com" />
<target host="mail.fark.com" /> <!-- will be added later this year,
so might as well throw it in there -->
<target host="ssl.fark.com" />
<target host="total.fark.com" />
<target host="totalbeta.fark.com" />
Then go.fark.net would be the only one to exclude.
Oh, and it should also be OK to do this now:
<securecookie host=".+" name=".+" />
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15763#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list