[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] [https-everywhere/master] Experimentally securecookie Bit.ly; fix Facebook

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] [https-everywhere/master] Experimentally securecookie Bit.ly; fix Facebook
From: pde@xxxxxxxxxxxxxx
Date: Thu, 11 Nov 2010 01:28:25 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-cvs-outgoing@xxxxxxxx
Delivered-to: or-cvs@xxxxxxxx
Delivery-date: Wed, 10 Nov 2010 20:28:32 -0500
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Author: Peter Eckersley <pde@xxxxxxx>
Date: Wed, 10 Nov 2010 17:26:35 -0800
Subject: Experimentally securecookie Bit.ly; fix Facebook
Commit: a7436a55fc2818ebe6ac096a8ee4d0ca7157468f

---
 src/chrome/content/code/HTTPS.js      |    2 +-
 src/chrome/content/rules/Bitly.xml    |    5 +++++
 src/chrome/content/rules/Facebook.xml |    8 ++++----
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/chrome/content/code/HTTPS.js b/src/chrome/content/code/HTTPS.js
index 3ac96f5..a8d4bb9 100644
--- a/src/chrome/content/code/HTTPS.js
+++ b/src/chrome/content/code/HTTPS.js
@@ -163,7 +163,7 @@ const HTTPS = {
       try {
         var cookies = req.getResponseHeader("Set-Cookie");
       } catch(mayHappen) {
-        this.log(DBUG,"Exception huntting Set-Cookie in headers: " + mayHappen);
+        this.log(VERB,"Exception huntting Set-Cookie in headers: " + mayHappen);
         return;
       }
       if (!cookies) return;
diff --git a/src/chrome/content/rules/Bitly.xml b/src/chrome/content/rules/Bitly.xml
index 71a415d..8ec0072 100644
--- a/src/chrome/content/rules/Bitly.xml
+++ b/src/chrome/content/rules/Bitly.xml
@@ -6,7 +6,12 @@
   <target host="j.mp" />
   <target host="www.j.mp" />
 
+  <securecookie host="*.\.bit\.ly$" name=".*">
   <rule from="^http://(?:www\.)?bit\.ly/" to="https://bit.ly/"/>
   <rule from="^http://(?:www\.)?bit\.ly\.pro/" to="https://bit.ly/pro/"/>
+  <!--
+  j.mp is part of bit.ly but fires a cert warning
   <rule from="^http://(?:www\.)?j\.mp/" to="https://j.mp/"/>
+  -->
+
 </ruleset>
diff --git a/src/chrome/content/rules/Facebook.xml b/src/chrome/content/rules/Facebook.xml
index 3a9f053..3b5744a 100644
--- a/src/chrome/content/rules/Facebook.xml
+++ b/src/chrome/content/rules/Facebook.xml
@@ -3,10 +3,10 @@
   <target host="*.facebook.com" />
   <target host="www.v6.facebook.com" />
 
-  <securecookie host=".*\.facebook.com" name="c_user" />
-  <securecookie host=".*\.facebook.com" name="lu" />
-  <securecookie host=".*\.facebook.com" name="sct" />
-  <securecookie host=".*\.facebook.com" name="xs" />
+  <securecookie host=".*\.facebook\.com$" name="c_user" />
+  <securecookie host=".*\.facebook\.com$" name="lu" />
+  <securecookie host=".*\.facebook\.com$" name="sct" />
+  <securecookie host=".*\.facebook\.com$" name="xs" />
 
   <rule from="^http://(www\.)?facebook\.com/" to="https://www.facebook.com/"/>
   <rule from="^http://m\.facebook\.com/"; to="https://m.facebook.com/"/>
-- 
1.7.1

Prev by Author: [or-cvs] [https-everywhere/master 5/7] Add a securecookie test/example to Facebook.xml
Next by Author: [or-cvs] [https-everywhere/master 1/5] Country homepages -> encrypted.google.com
Previous by thread: [or-cvs] [https-everywhere/master] rule for Access (accessnow.org)
Next by thread: [or-cvs] r23783: {arm} Providing an option to use the same ordering as the man page (in arm/trunk: . src/interface src/util)
Index(es):
- Author
- Thread