[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #21690 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Sta.sh ruleset is enabled but not DeviantArt, causing mixed content warnings

Subject: [tor-bugs] #21690 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Sta.sh ruleset is enabled but not DeviantArt, causing mixed content warnings
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 08 Mar 2017 16:45:58 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 08 Mar 2017 11:46:09 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21690: Sta.sh ruleset is enabled but not DeviantArt, causing mixed content
warnings
-------------------------------------------------+-------------------------
     Reporter:  cypherpunks                      |      Owner:  jsha
         Type:  defect                           |     Status:  new
     Priority:  Medium                           |  Milestone:
    Component:  HTTPS Everywhere/EFF-HTTPS       |    Version:
  Everywhere                                     |   Keywords:  httpse-
     Severity:  Normal                           |  ruleset-bug
Actual Points:                                   |  Parent ID:
       Points:                                   |   Reviewer:
      Sponsor:                                   |
-------------------------------------------------+-------------------------
 If you visit an https stash page that is using generated deviant art
 thumbnails, the thumbnails will fail to load as mixed content.

 EG the following renders correct: http://sta.sh/0127ggexeju2
 The following fails to render in both firefox and chrome:
 https://sta.sh/0127ggexeju2

 The https version looks like this: https://imgur.com/gC9Qias
 Here is a paste of the errorcodes: http://pastebin.com/qjijAEbU

 Sta.sh is enabled: https://www.eff.org/https-
 everywhere/atlas/domains/sta.sh.html
 But not DA: https://www.eff.org/https-
 everywhere/atlas/domains/deviantart.com.html

 The former should be disabled or the latter enabled

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21690>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #21678 [Core Tor/Tor]: Unify Windows and Unix API for tor_read_all_handle() in util.c
Next by Author: Re: [tor-bugs] #9768 [Metrics/Atlas]: The CSS used on Atlas should be responsive
Previous by thread: [tor-bugs] #21689 [Applications/Tor Browser]: RequestCache from the Fetch API is available, make sure it adheres to our cache isolation
Next by thread: Re: [tor-bugs] #21554 [Core Tor]: Inventory proposals that need merging into specs ; merge them.
Index(es):
- Author
- Thread