[HTTPS-E Rulesets] Broken Edgecast rule for vidyard.com

Yan Zhu yan at mit.edu
Tue Jul 23 20:02:38 PDT 2013 

Hi there,

On Tue, Jul 23, 2013 at 9:57 PM, Tyler Campaigne <tyler at vidyard.com> wrote:

> Hello,
>
> Our HTTPS Edgecast URLs are 404ing on the redirect. As an example file,
> https://gs1.wpc.edgecastcdn.net/8061DD/mirror_assets_production/javascripts/amplify.store.min.js
> is redirecting to
> https://ne.wac.edgecastcdn.net/8061DD/mirror_assets_production/javascripts/amplify.store.min.jswhich is a 404 for our Edgecast account.
>
>
That would be because there is a specific rule in the HTTPS Everywhere
ruleset that redirects ne.wac.edgecastcdn to gs1.wpc.edgecastcdn, namely:

<rule from="^https?://(?:ne\.wa|gs1\.wp)c\.edgecastcdn\.net/"
        to="https://ne.wac.edgecastcdn.net/" />

My guess is that whoever wrote the rule thought that gs1.wpc was equivalent
to ne.wac, but apparently that's not true. We should either write rule
exceptions for the resources that are available via gs1.wpc but not ne.wac,
or just remove the gs1.wpc -> ne.wac rewrite altogether.

You can see all the rules that someone has written at
https://www.eff.org/https-everywhere/atlas/domains/edgecastcdn.net.html.


> Our HTTP links work perfectly fine with the current ruleset, just the
> HTTPS ones seem to have broken rules for us.
>
> I guess the main question I have is why the Edgecast rules are set up for
> requests that are already over HTTPS, as it seems redundant.
>

It can't be guaranteed that everyone who makes those requests will always
use the https version rather than http, so some extra redundancy is
probably good.


> As well, I'm not sure what a custom rule for our site would be, since the
> gs1.wpc.edgecastcdn.net domain appears to be too general to make a custom
> rule for.
>
> Any advice as to how to fix this for our site would be greatly appreciated!
>

Thanks! If you have suggested changes to the rule, please let us know. It's
likely that the author missed some cases, or rewrites that worked at the
time no longer do.

-Yan


>
> Cheers,
> Tyler
>



-- 
Yan Zhu
http://web.mit.edu/zyan/www/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere-rules/attachments/20130724/21432d7a/attachment.html>

More information about the HTTPS-Everywhere-Rules mailing list