[HTTPS-E Rulesets] linuxfoundation.org

[Mats Wichmann]

The Linux Foundation has relaunched their services with a redirection
scheme which breaks https-everywhere - at least for me, I assume my
browser setup is not somehow unique. What seems to be happening is
things drop into a redirection loop between the browser and the server
and things eventually just time out. They're apparently not going to
make adjustments:

===
Thanks for reporting this.  The behavior to force anonymous traffic to
http was intentional, and since the site's behavior is compliant with
standard browsers I don't think it's embarrassing to have them remove us
from their ruleset.  (We use https for logged in users with a
secure-only flag on the cookie  to circumvent session hijacking, which I
assume is one of the purposes of https-everywhere.)
===

I read that https-everywhere is supposed to be able to work with sites
that redirect everything back to http:// so not sure if the rule should
be different, or if they need to be taught how to set up the site more
appropriately.

Again: there is a ruleset for linuxfoundation.org, but the site has been
completely relaunched since that was put in place.

regards,

-- mats