[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #8584 [EFF-HTTPS Everywhere]: Chrome - Apple Support site broken (mixed content)
#8584: Chrome - Apple Support site broken (mixed content)
----------------------------------+-----------------------------------------
Reporter: alphawolf | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone: HTTPS-E Chrome 2013.4.1x
Component: EFF-HTTPS Everywhere | Version: HTTPS-E chrome 2013.3.7
Keywords: httpse-ruleset-bug | Parent: #6975
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Changes (by pde):
* cc: MB (added)
* milestone: => HTTPS-E Chrome 2013.4.1x
Comment:
Flagging this ruleset as platform="mixedcontent" would disable HTTPS
Everywhere protection for Apple.com completely on Chrome, which I think is
rather drastic. I'm going to make an Apple (mixedcontent) ruleset, move
the support.apple.com site in there, and have it flagged to be disabled on
Chrome (and Firefox 23+). MB, this might be an appropriate approach to
take for large/important sites with corners that have mixedcontent
problems.
We also need someone at Apple to start working on the problem of
eradicating mixed content when people land on the site via https. I'll
send their security team to this ticket.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8584#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs