[HTTPS-E Rulesets] YouTube rule and embedded video

Osama Khalid osamak at gnu.org
Sun May 8 11:50:50 PDT 2011


On Fri, May 06, 2011 at 03:58:03PM -0700, Seth David Schoen wrote:
> I went to Boing Boing to look at some embeded YouTube videos and the
> first one on the page failed, while the second and third ones
> worked.  Looking at Boing Boing's HTML, the method used to embed
> them was quite different.  The one that failed is

After some debugging, I manged to get it to work with the following
exclusion:

  <exclusion pattern="^http://(www\.)?youtube\.com/crossdomain\.xml"/>

I don't really know what's the difference between the encrypted and
unencrypted versions of crossdomain.xml and the md5 sums were even
identical.

But what I can confirm is that youtube-nocookie.com embedded videos
work fine with that line. Tested with three different videos.

--Osama Khalid
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.eff.org/pipermail/https-everywhere-rules/attachments/20110508/9e6b7484/attachment.sig>


More information about the HTTPS-Everywhere-Rules mailing list