[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #21690 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Sta.sh ruleset is enabled but not DeviantArt, causing mixed content warnings



#21690: Sta.sh ruleset is enabled but not DeviantArt, causing mixed content
warnings
-------------------------------------------------+-------------------------
     Reporter:  cypherpunks                      |      Owner:  jsha
         Type:  defect                           |     Status:  new
     Priority:  Medium                           |  Milestone:
    Component:  HTTPS Everywhere/EFF-HTTPS       |    Version:
  Everywhere                                     |   Keywords:  httpse-
     Severity:  Normal                           |  ruleset-bug
Actual Points:                                   |  Parent ID:
       Points:                                   |   Reviewer:
      Sponsor:                                   |
-------------------------------------------------+-------------------------
 If you visit an https stash page that is using generated deviant art
 thumbnails, the thumbnails will fail to load as mixed content.

 EG the following renders correct: http://sta.sh/0127ggexeju2
 The following fails to render in both firefox and chrome:
 https://sta.sh/0127ggexeju2

 The https version looks like this: https://imgur.com/gC9Qias
 Here is a paste of the errorcodes: http://pastebin.com/qjijAEbU

 Sta.sh is enabled: https://www.eff.org/https-
 everywhere/atlas/domains/sta.sh.html
 But not DA: https://www.eff.org/https-
 everywhere/atlas/domains/deviantart.com.html

 The former should be disabled or the latter enabled

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21690>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs