[HTTPS-E Rulesets] Update for "AOL (partial)" ruleset: AOL.xml

[Lee, Glen]

I work at AOL, and we were getting reports that some users were not able to logout using the "HTTPS Everywhere" extension.  Our Logout process was designed to clear cookies from partner sites over both SSL and Non-SSL, so the current AOL Ruleset prevents the Non-SSL portion from doing its job.  I added a simple exclusion to the AOL.xml ruleset and tested it, which seems to resolve the issue.  Can you please add this update, and let me know when it's updated?  Also, the documentation wasn't clear to me as to when users would expect to see update reflected.  We are wondering what would the turnaround be for a user to have their ruleset updated on their browser, because we are considering how to best communicate solutions for our users (e.g., disabling HTTPS Everywhere ruleset for AOL).

The full AOL.xml file update is below, but basically, I just added the following exclusion pattern for Logout:
<exclusion pattern="^http://my\.screenname\.aol\.com/_cqr/logout/"/>

Thanks,
-Glen Lee, AOL

=====================================
<!--
Other AOL rulesets:

- AOL-Advertising.xml
- AOL-mismatches.xml


Nonfunctional:

- euportal.aolcdn.com (Akamai; "Service Unavailable")
- blogsmithmedia.com (ditto)
- (massively.|www.)joystiq.com
- (www.)weblogsinc.com

-->
<ruleset name="AOL (partial)">

<target host="aim.com" />
<target host="*.aim.com" />
<target host="aol.com" />
<target host="*.aol.com" />
<target host="dev.sandbox.autos.aol.com" />
<target host="misc.blogsmith.aol.com" />
<target host="account.login.aol.com" />
<target host="api.mail.aol.com" />
<target host="*.oscar.aol.com" />
<target host="aolctoftp.red.aol.com" />
<target host="*.screenname.aol.com" />
<target host="dashboard.voice.aol.com" />
<target host="cdn.webmail.aol.com" />
<target host="aol.co.uk" />
<target host="*.aol.co.uk" />
<target host="*.aolcdn.com" />
<exclusion pattern="^http://o\.aolcdn\.com/(dims-global|mars|myfeeds|portaleu)/" />
<target host="netscape.com" />
<target host="*.netscape.com" />

<!-- .my.screenname.aol.com -->
<securecookie host="^(dev\.sandbox\.autos|new)\.aol\.com$" name=".*" />
<securecookie host="^www\.aol\.co\.uk$" name=".*" />

<exclusion pattern="^http://my\.screenname\.aol\.com/_cqr/logout/"/>

<!-- - !www doesn't work
- cdn: Akamai
-->
<rule from="^https?://(?:cdn\.|www\.)?aim\.com/"
to="https://www.aim.com/" />

<rule from="^https?://(?:www\.)?aol\.com/(favicon\.ico|video/)"
to="https://www.aol.com/$1" />

<rule from="^http://((?:dev\.sandbox\.)?autos|bill|misc\.blogsmith|contactus|account\.login|(?:api\.|cdn\.web)mail|myaccount|netscape|new|openid|pki-info|aolctoftp\.red|s2c|(?:api|my)\.screenname|dashboard\.voice)\.aol\.com/"
to="https://$1.aol.com/" />

<rule from="^https?://(?:exp)?api\.oscar\.aol\.com/"
to="https://api.oscar.aol.com/" />

<rule from="^https?://(?:www\.)?aol\.co\.uk/"
to="https://www.aol.co.uk/" />

<rule from="^http://rs\.aol\.co\.uk/"
to="https://rs.aol.co.uk/" />

<rule from="^https?://(?:o|s(ns-static)?)\.aolcdn\.com/"
to="https://s$1.aolcdn.com/" />

<!-- - Doesn't work over https.
- Redirects as so.
-->
<rule from="^https?://(?:(?:home|www)\.)?netscape\.com/"
to="https://netscape.aol.com/" />

<rule from="^https?://(?:web)?mail\.netscape\.com/"
to="https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=sns.webmail.aol.com" />

</ruleset>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere-rules/attachments/20120914/f79dab0b/attachment.html>