[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #7584 [EFF-HTTPS Everywhere]: HTTPS Everywhere breaks links from PubMed to BiomedCentral



#7584: HTTPS Everywhere breaks links from PubMed to BiomedCentral
----------------------------------+-----------------------------------------
 Reporter:  cypherpunks           |          Owner:  MB      
     Type:  defect                |         Status:  assigned
 Priority:  major                 |      Milestone:          
Component:  EFF-HTTPS Everywhere  |        Version:          
 Keywords:                        |         Parent:          
   Points:                        |   Actualpoints:          
----------------------------------+-----------------------------------------

Comment(by schoen):

 The trouble is that BiomedCentral itself is sending invalid 302 redirects
 in response to what "should" be valid HTTPS URLs (i.e., HTTPS versions of
 valid HTTP URLs, on a site where this normally works).  I think the
 problem is essentially that BiomedCentral accepts HTTPS for all resources
 on www.biomedcentral.com, but whenever a URL is accessed that produces a
 302, the 302 destination is invalid.

 < HTTP/1.1 302 Moved Temporarily
 < Date: Mon, 10 Dec 2012 22:27:26 GMT
 < Server: Apache/2.2.16 (Debian)
 < Set-Cookie: UUID=c2fab02d-5f6b-4f94-996a-94018028522a; Path=/
 < Location: http://www.biomedcentral.com:443/1756-0500/5/610/abstract

 It would be possible to add an exclusion for all URLs that generate a 302
 (if we knew what they were), or to create rewrite rules that mimic the
 effect of the 302s except correctly (if we knew what they were!), but I am
 wary of this because I think there are potentially many URLs that generate
 302s (and perhaps the 302 redirect target even varies from article to
 article!).  So, we will disable this rule for now and I'll write to the
 BiomedCentral webmasters about this.

 Although I will try to see if I can rewrite the
 http://www.biomedcentral.com:443/ to https://www.biomedcentral.com/ myself
 (!).  Yikes.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7584#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs