<div dir="ltr"><div><div>I did email Craigslist yesterday about <a href="http://images.craigslist.org">images.craigslist.org</a>. It would be awesome if they fixed it already! <br><br></div>Micah, I think Chris's patch is useful for a different problem. Ex: <a href="https://elpaso.en.craigslist.org">https://elpaso.en.craigslist.org</a> does not have a valid cert.<br>
<br></div>I'll email Craigslist about this other bug as well.<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Mon, Aug 19, 2013 at 3:00 PM, Micah Lee <span dir="ltr"><<a href="mailto:micah@eff.org" target="_blank">micah@eff.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Chris,<br>
<br>
I'm looking into applying your patch, but I actually can't seem to<br>
reproduce the problem. I've tried a couple different versions of Firefox<br>
and both the stable and dev version of HTTPS Everywhere, but images on<br>
Craigslist are loading fine for me:<br>
<br>
<a href="https://trac.torproject.org/projects/tor/ticket/9528#comment:3" target="_blank">https://trac.torproject.org/projects/tor/ticket/9528#comment:3</a><br>
<br>
Can you tell me what setup you're using and a specific URL where images<br>
break?<br>
<div><div class="h5"><br>
On 08/19/2013 01:49 PM, Christopher Mooney wrote:<br>
> I have a fix for the new craigslist rule that should exclude 4th level subdomains, since craigslist does not have wildcard certs for these domains.  I sent this request to pde in IRC, but someone mentioned that he was on sabbatical and that this list was a better place to send the pull request.  These 4th level domains are language specifiers, and this scheme is likely to change in the future.<br>

><br>
> There is one more issue with craigslist not providing images over SSL, but that should be resolved soon.<br>
><br>
> Please review this diff for accuracy, I only read the https everywhere documentation very quickly.<br>
><br>
> Diff:<br>
> -----<br>
> <a href="https://github.com/godsflaw/https-everywhere/compare/7faa1c8...539a859" target="_blank">https://github.com/godsflaw/https-everywhere/compare/7faa1c8...539a859</a><br>
><br>
> To merge this pull request:<br>
> ---------------------------<br>
> git checkout master<br>
> git pull<br>
> git pull <a href="https://github.com/godsflaw/https-everywhere.git" target="_blank">https://github.com/godsflaw/https-everywhere.git</a> craigslist<br>
> git push origin master<br>
><br>
> Cheers,<br>
> Chris<br>
><br>
><br>
><br>
</div></div>> _______________________________________________<br>
> HTTPS-everywhere mailing list<br>
> <a href="mailto:HTTPS-everywhere@mail1.eff.org">HTTPS-everywhere@mail1.eff.org</a><br>
> <a href="https://mail1.eff.org/mailman/listinfo/https-everywhere" target="_blank">https://mail1.eff.org/mailman/listinfo/https-everywhere</a><br>
><br>
<span class="HOEnZb"><font color="#888888"><br>
<br>
--<br>
Micah Lee<br>
Staff Technologist<br>
Electronic Frontier Foundation<br>
<a href="https://eff.org/join" target="_blank">https://eff.org/join</a><br>
@micahflee<br>
<br>
</font></span><br>_______________________________________________<br>
HTTPS-everywhere mailing list<br>
<a href="mailto:HTTPS-everywhere@mail1.eff.org">HTTPS-everywhere@mail1.eff.org</a><br>
<a href="https://mail1.eff.org/mailman/listinfo/https-everywhere" target="_blank">https://mail1.eff.org/mailman/listinfo/https-everywhere</a><br></blockquote></div><br><br clear="all"><br>-- <br>Yan Zhu<br><a href="http://web.mit.edu/zyan/www/" target="_blank">http://web.mit.edu/zyan/www/</a>
</div>