[HTTPS-E Rulesets] DeviantArt ruleset recently broken

Seth David Schoen schoen at eff.org
Thu Sep 15 17:04:01 PDT 2011


Christopher Wichura writes:

> Sometime today (Sunday, Sept. 10th) the DeviantArt ruleset stopped working
> for me.  All inline deviations now fail to load (e.g., the thumbnails, the
> preview images when opening a deviation, etc).  Avatar icons, however,
> appear to still load properly.  If I disable the DeviantArt ruleset, the
> website again displays properly.
> 
> Even before the ruleset stopped working today, I would routinely get a
> certificate error while browsing DeviantArt which appears to be related to
> the CDN they are using, saying that the cert didn't match the domain *.
> deviantart.com.
> 
> This behavior is happening to me on two Macs (one Snow Leopard, one Lion)
> and one Windows XP laptop (all running Firefox 6.0.2).  HTTPS Everywhere is
> version 1.0.1 with the ruleset definitions that ships with; I have not
> manually altered or updated any of the rulesets.

We were contacted by DeviantArt and they asked us to disable the ruleset,
which has been done in the development repository but not yet in any
releases.  I told them that we were in the process of disabling it, so
perhaps they've gone ahead and disabled HTTPS support entirely right away.

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107



More information about the HTTPS-Everywhere-Rules mailing list