[HTTPS-E Rulesets] Imgur: unresolved redirect loops
Christopher Liu
cmliu00151 at gmail.com
Mon Jul 22 22:16:34 PDT 2013
To whom it may concern:
https://gitweb.torproject.org/https-everywhere.git/commitdiff/364a9298e3c400b2702b3d04b406a84d98f6ccb2
attempted to enable coverage for all of (www.)imgur.com, but there are
still many pages redirecting to http.
It appears that the previous exclusions were never quite complete.
The homepage is the only thing that ever _stopped_ redirecting to
http, as far as I could notice. It later resumed redirecting (see
https://bugzilla.mozilla.org/show_bug.cgi?id=866986#c7 ).
These paths redirect to http:
- random$
- gallery/ (this includes image pages as well as a XHR made by the
homepage's infinite scroll feature)
- a/[imageID]/embed
- help$
- tos$
- removalrequest$
- apps$
These paths don't:
- register$
- register/upgrade$
- signin$
- images/
- include/
- min/
Everything appears to be ok if we limit the coverage of (www.)imgur.com to:
<rule from="^http://(www\.)?imgur\.com/(images|include|min|register|signin)(/|\?|$)"
to="https://$1imgur.com/$2$3"/>
There is a bit of coverage we could add, though: store.imgur.com =
imgur-store.myshopify.com
I haven't yet tested with an account.
(This message doesn't strictly apply to the 3.x stable branch, because
the Imgur ruleset is disabled there, though the exclusions are
incomplete as explained.)
C. Liu
More information about the HTTPS-Everywhere-Rules
mailing list