[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] [https-everywhere/master 2/2] thanks to Chris Soghoian for pointing out that HTTPS is available here now!
Author: Seth Schoen <schoen@xxxxxxx>
Date: Thu, 11 Nov 2010 12:23:52 -0800
Subject: thanks to Chris Soghoian for pointing out that HTTPS is available here now!
Commit: 17c79ff60421ec03287111680d2cbbaf22d9546a
---
src/chrome/content/rules/Live.xml | 22 +++++++++++++++++++---
1 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/src/chrome/content/rules/Live.xml b/src/chrome/content/rules/Live.xml
index 138428d..2649560 100644
--- a/src/chrome/content/rules/Live.xml
+++ b/src/chrome/content/rules/Live.xml
@@ -1,6 +1,22 @@
<ruleset name="Live">
- <target host="login.live.com" />
- <target host="onecare.live.com" />
-
+ <target host="*" />
+ <!-- target host is * because Live URLs can contain multiple unpredictable
+ components, like http://snXXXw.sntXXX.mail.live.com/default.aspx
+ In the current target host syntax, a wildcard can match only one
+ hostname element, not two, and only one wildcard per target host
+ is permitted. -->
+
+ <!-- Microsoft itself protects the login this way but we can prevent
+ against SSL stripping. -->
<rule from="^http://(login|onecare)\.live\.com/" to="https://$1.live.com/"/>
+
+ <!-- Both of these appear to trigger two good things: (1) the user is
+ prompted to make HTTPS the default; (2) even if the user decides
+ not to, the remainder of that mail-reading session is automatically
+ HTTPS-only. -->
+ <rule from="^http://(www\.)hotmail\.com/" to="https://www.hotmail.com/"/>
+ <rule from="^http://([^@:/]+)\.([^@:/]+)\.mail.live.com/" to="https://$2.mail.live.com/"/>
+ <!-- example:
+ http://sn133w.snt133.mail.live.com/default.aspx?wa=wsignin1.0 >>>
+ https://snt133.mail.live.com/default.aspx?wa=wsignin1.0 -->
</ruleset>
--
1.7.1