[HTTPS-E Rulesets] ImageShack improvements
Christopher Liu
cmliu00151 at gmail.com
Sat Oct 13 21:37:26 PDT 2012
To whom it may concern:
All of the following concerns the ImageShack ruleset.
The domain kb.imageshack.us appears to need an exclusion due to not
listening on https. For example, the "FAQ" link on the imageshack.us
homepage points to http://kb.imageshack.us/is/article?22=faq .
However, its favicon located at kb.imageshack.us/img/favicon.ico is
equivalent to the one at imageshack.us/favicon.ico. That is,
<exclusion pattern="^http://kb\.imageshack\.us/(?!img/favicon\.ico$)" />
<rule from="^http://kb\.imageshack\.us/img/favicon\.ico$"
to="https://imageshack.us/favicon.ico" />
All image content (but not pages) from the img\d{1,3} subdomains
appears also to be available under https://imageshack.us/a/. For
example: http://img20.imageshack.us/img20/1273/img5474w.th.jpg ->
https://imageshack.us/a/img20/1273/img5474w.th.jpg
In other words, the existing exclusion should be limited to <exclusion
pattern="^http://img\d{1,3}\.imageshack\.us/(?!img\d{1,3}/\d+/\w+\.)"
/>, and
<rule from="^http://img\d{1,3}\.imageshack\.us/(img\d{1,3}/\d+/\w+)\.(th\.)?(bmp|gif|jpe?g|png|tiff?)(\?|$)"
to="https://imageshack.us/a/$1.$2$3$4" />
"th" stands for thumbnail, and query parameters are used to track
referers when clicking on a thumbnail to get to the image page.
As usual, thank you for your time and help.
C. Liu
More information about the HTTPS-Everywhere-Rules
mailing list