<div dir="ltr"><div>For anyone who is curious, I looked into this some more (see below).<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Aug 1, 2013 at 3:56 PM, Claudio Moretti <span dir="ltr"><<a href="mailto:flyingstar16@gmail.com" target="_blank">flyingstar16@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div><div><div><div><div>Hi everyone,<br><br></div>I don't know if it's a compatibility issue with one of my addons or something else, but here's what's happening to me:<br>
<br></div>I'm trying to load 9GAG and while the main page loads, the subsequent AJAX calls are not.<br>
<br></div></div></div></div></div></blockquote><div><br></div><div>I looked at the AJAX calls in Firebug today with HTTPS Everywhere on and found that they load except for the ones to <a href="http://9gag.com">9gag.com</a> URLs. When I disable the <a href="http://9gag.com">9gag.com</a> rule, all Ajax calls load.<br>
<br></div><div>When the <a href="http://9gag.com">9gag.com</a> rule is enabled, it gets marked as "moot" (dark brown) because <a href="http://9gag.com">9gag.com</a> redirects to HTTP. After HTTPS Everywhere tries to redirect it 10 times without success, it adds it to a blacklist so that we don't get stuck in an infinite redirect loop. <br>
<br></div><div>So it seems that while HTTPS Everywhere correctly detects the redirect loop when loading <a href="http://9gag.com">9gag.com</a>, it doesn't detect redirect loops for subsequent Ajax calls to that domain. <br>
<br></div><div>This may be related to the fact that we currently can't detect Javascript redirection loops at all (<a href="https://trac.torproject.org/projects/tor/ticket/4286">https://trac.torproject.org/projects/tor/ticket/4286</a>). <br>
<br></div><div>If so, I think the only solution is to turn off the 9gag rule by default til we fix that ticket. :/<br><br></div><div>-Yan<br></div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr"><div><div><div>I believe this is happening because, for some reason, this particular website is trying to load HTTP resources even when browsed over HTTPS. Meaning that when I checked with Firebug, I found out my browser was trying to load<br>
<br><b>http</b>://<a href="http://platform.twitter.com/widgets.js" target="_blank">platform.twitter.com/widgets.js</a><br><br></div>along with some others (screenshot: <a href="http://img27.imageshack.us/img27/7821/noyp.png" target="_blank">http://img27.imageshack.us/img27/7821/noyp.png</a>)<br>
<br></div></div></div></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div></div>Any advice? for now my only option is to disable HTTPS-Everywhere, because disabling the rules only doesn't seem to work (and, moreover, I'm disabling too many common APIs for my taste - Google mostly - so it's faster if I disable HTTPS-E)<br>
<br></div>Thanks,<br><br>Claudio<br></div>
<br>_______________________________________________<br>
HTTPS-everywhere mailing list<br>
<a href="mailto:HTTPS-everywhere@mail1.eff.org">HTTPS-everywhere@mail1.eff.org</a><br>
<a href="https://mail1.eff.org/mailman/listinfo/https-everywhere" target="_blank">https://mail1.eff.org/mailman/listinfo/https-everywhere</a><br></blockquote></div><br><br clear="all"><br>-- <br>Yan Zhu<br><a href="http://web.mit.edu/zyan/www/" target="_blank">http://web.mit.edu/zyan/www/</a>
</div></div>