[HTTPS-E Rulesets] Updated rule for api.recaptcha.net

Benjamin Moody benjamin.moody at gmail.com
Sat Apr 30 21:11:46 PDT 2011

Previous message: [HTTPS-E Rulesets] Gitorious.org.xml
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

The current HTTPS-Everywhere rule for api.recaptcha.net (part of the
"Google APIs" rule set) is as follows:

  <rule from="^http://api\.recaptcha\.net/"
          to="https://api-secure.recaptcha.net/"/>

I believe this should be changed to:

  <rule from="^http://api\.recaptcha\.net/"
          to="https://www.google.com/recaptcha/api/"/>

api-secure.recaptcha.net has apparently been deprecated (currently
requests are redirected to the corresponding
https://www.google.com/recaptcha/api/ address.)  Furthermore, the
certificate for api-secure.recaptcha.net has expired and fails OCSP.
For more information, see the announcement here:
https://groups.google.com/group/recaptcha-announce/browse_thread/thread/c1ff6844420c9e63

Benjamin Moody

Previous message: [HTTPS-E Rulesets] Gitorious.org.xml
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the HTTPS-Everywhere-Rules mailing list