[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #7575 [EFF-HTTPS Everywhere]: WebAssign site produces litany of "Security Warning" alerts

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #7575 [EFF-HTTPS Everywhere]: WebAssign site produces litany of "Security Warning" alerts
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 29 Nov 2012 22:20:14 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 30 Nov 2012 20:19:26 -0500
In-reply-to: <051.251d3be4f16d37446bf946a31500fdf8@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.251d3be4f16d37446bf946a31500fdf8@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#7575: WebAssign site produces litany of "Security Warning" alerts
----------------------------------+-----------------------------------------
 Reporter:  cypherpunks           |          Owner:  pde
     Type:  defect                |         Status:  new
 Priority:  normal                |      Milestone:     
Component:  EFF-HTTPS Everywhere  |        Version:     
 Keywords:                        |         Parent:     
   Points:                        |   Actualpoints:     
----------------------------------+-----------------------------------------

Comment(by cypherpunks):

 To add a little, the warning is happening due to a giant form on
 webassign.net's site that uses an absolute http URL to POST to that then
 gets converted to https by HTTPS Everywhere. This conversion must take
 place after the Firefox logic that detects posting to a non-https URL from
 an https one.

 Is there a way for HTTPS Everywhere to rewrite the URL before the Firefox
 posting logic sees it in order to rid ourselves of this error?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7575#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #7575 [EFF-HTTPS Everywhere]: WebAssign site produces litany of "Security Warning" alerts
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #7328 [Stem]: Event Handling
Next by Author: Re: [tor-bugs] #6196 [Tor Sysadmin Team]: Copy Apache logs to stenodon
Previous by thread: [tor-bugs] #7575 [EFF-HTTPS Everywhere]: WebAssign site produces litany of "Security Warning" alerts
Next by thread: Re: [tor-bugs] #6824 [Torouter]: Torrouter Update Mechanism
Index(es):
- Author
- Thread