[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #6279 [EFF-HTTPS Everywhere]: Rules: POF / Plenty Of Fish
#6279: Rules: POF / Plenty Of Fish
----------------------------------+-----------------------------------------
Reporter: grarpamp | Owner: MB
Type: defect | Status: accepted
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Comment(by MB):
Replying to [comment:3 grarpamp]:
> Why continue non-backref'ing when there no backrefs.
I saw the initial wave of uncapturing that went through rulesets had
uncaptured exclusion patterns, and assumed that https-everywhere holds
onto such atoms despite not needing to. From this question, I'm assuming
that my assumption was incorrect.
> Why continue redir https to https.
Because the certificate doesn't match pof.com, and as the rule is, it
rewrites from https://pof.com to https://www.pof.com. This is explained
(albeit leaving the reasoning implicit) with "Cert doesn't match...".
> Why continue not include known hosts.
Because my time is limited, and I haven't gotten around to that yet.
> Why continue remap many hosts to one.
Read the comments, specifically: "pics\d?: Akamai"
> Why unprotect aspx (which is put whole site used) and user at risk
anyway then.
> etc.
The comments address this: "302s to http".
If the comments could be better, I'm happy to change them.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6279#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs