[HTTPS-E Rulesets] A question regarding a revised HON ruleset (May 6, 2011 message)
Seth David Schoen
schoen at eff.org
Mon May 9 13:39:24 PDT 2011
mezzanine at Safe-mail.net writes:
> I previously sent a message, dated May 6, 2011, that included a
> ruleset for HON (Health On the Net) among others. This specific
> HON ruleset was revised from a previous one and the
> trivial-validate script indicated that the revised HON ruleset
> was valid, from what one remembers. If there is a specific
> problem or issue regarding the revised ruleset, it would be
> useful to know what it is. (I do know that the revised ruleset
> breaks certain images, though as bugs go this is not as serious
> as it could be. From what one can tell, the problem is that the
> affected images are referenced via relative URLs in the Web
> pages. If they were referenced via absolute URLs, it would
> probably be possible to use exclusion patterns to allow the
> affected images to load via HTTP.)
Hi,
I was concerned about your report that some images are broken,
because I thought users might consider this as breaking the site.
Maybe we should include the rule but make it default_off for now.
HTTPS Everywhere uses the final form of the URL as the web browser
requests it, not the form in the <img src> attribute in the HTML
source of the web page. This means that if there's a syntactic
pattern to the images that don't work, we ought to be able to
capture that in an exclusion rule.
--
Seth Schoen
Senior Staff Technologist schoen at eff.org
Electronic Frontier Foundation https://www.eff.org/
454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107
More information about the HTTPS-Everywhere-Rules
mailing list