[HTTPS-E Rulesets] boohoo.com
Drake, Brian
brian at drakefamily.tk
Sun Jan 12 22:29:33 PST 2014
When I tested those rules that I picked out from the development branch (as
mentioned in my previous message), I found some improvements could be made
there as well:
1. Adobe Digital Marketing: add <rule from="^http://www\.demdex\.com/
to="https://www.adobe.com/products/audiencemanager.html" />
2. Criteo: https://labs.criteo.com/ times out (but maybe other addresses
on that domain work; I don’t know any examples so I can’t test them myself)
3. eXelate: loadxl.exelator.com does not exist
4. MaxMind:
1. https://dev.maxmind.com/ gives redirect loop (should check other
addresses on that domain; I don’t know any examples so I can’t test them
myself)
2. Only geoip[1-4].maxmind.com exist; geoip[05-9].maxmind.com do not
exist
5. Maxymiser:
1. Add subdomain ui61
2. https://(www\.)?maxymiser\.com/ is mixed content; I don’t know if
the insecure requests can be rewritten to eliminate the mixed content
6. rfihub.com ruleset: Add these observed subdomains: 20508663p,
20526237p
7. Rubicon Project ruleset: https://www.rubiconproject.com/ is mixed
content; I don’t know if the insecure requests can be rewritten to
eliminate the mixed content
8. SaleCycle ruleset: https://www.salecycle.com/ works but is mixed
content
Maybe someone will work with this; otherwise, I’ll come back when I’ve
learned to make Git patches (I’m new to Linux).
--
Brian Drake
All content created by me:
Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>©
2014 Brian Drake. All rights reserved.
On Mon, Jan 13, 2014 at 0619 (UTC), Drake, Brian <brian at drakefamily.tk>wrote:
> I tried to create rules for everything on the shopping site boohoo.com.
>
> Attached are two rulesets. One is a collection of new rules for this site.
> The other one (the one marked “development”) is a collection of rules
> already in the development branch (this is to help users of the stable
> releases, which don’t include all the rules that are relevant to this site).
>
> As far as I can tell, everything on ((www|reporting)\.)?boohoo.com is
> available in HTTPS, but when I try to rewrite some of the requests (see the
> commented-out exclusions in the attached ruleset), they end up
> disappearing! Specifically, they don’t appear at all in the Web Console,
> where normally they would appear as HTTP requests.
>
> I have observed this on Firefox 25.0/HTTPS Everywhere 3.4.5 and Iceweasel
> 17.0.5/HTTPS Everywhere 3.1.4. The requests I am referring to are made when
> the user tries to add an item to the cart. When the requests fail due to my
> attempts to rewrite them, it is not possible to add an item to the cart.
>
> At least some of these are AJAX requests; when I make the requests
> manually, they give the expected response, even under HTTPS. But they don’t
> work as part of the page they’re included in.
>
> I have no idea why it is happening. Does anyone else have any idea?
>
> --
> Brian Drake
>
> All content created by me: Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>© 2014 Brian Drake. All rights reserved.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere-rules/attachments/20140113/697b6b16/attachment.html>
More information about the HTTPS-Everywhere-Rules
mailing list