[HTTPS-E Rulesets] MapQuest - consider reenabling/expanding
Christopher Liu
cmliu00151 at gmail.com
Sat May 18 16:24:28 PDT 2013
To whom it may concern:
Sorry that I begged you on a couple previous occasions to disable the
MapQuest ruleset. It works fine for me now, and I'm not sure that it
was ever truly broken - so please consider reenabling it at least for
development builds (5.x if you don't feel comfortable for 4.x).
My best hypothesis is that there was some IPv6 brokenness on my end.
(I should have noticed earlier that the site supports IPv6 and taken
appropriate corrective action.) I'm not familiar enough with modern
TLS stacks / other protocols involved to say definitively why that
would disproportionately affect HTTPS, though.
Also, it appears that there is now a secure CDN for map images:
<rule from="^https?://(api|mtile\d\d)(?:-s)?\.mqcdn\.com/"
to="https://$1-s.mqcdn.com/" />
I see at least one script and one stylesheet which might justify
platform="mixedcontent" for www.mapquest.com itself.
As usual, thank you for your help, and sorry for any inconvenience.
C. Liu
More information about the HTTPS-Everywhere-Rules
mailing list