[HTTPS-E Rulesets] boohoo.com

Drake, Brian brian at drakefamily.tk
Sun Jan 12 22:29:33 PST 2014 

When I tested those rules that I picked out from the development branch (as
mentioned in my previous message), I found some improvements could be made
there as well:

   1. Adobe Digital Marketing: add <rule from="^http://www\.demdex\.com/
   to="https://www.adobe.com/products/audiencemanager.html" />
   2. Criteo: https://labs.criteo.com/ times out (but maybe other addresses
   on that domain work; I don’t know any examples so I can’t test them myself)
   3. eXelate: loadxl.exelator.com does not exist
   4. MaxMind:
      1. https://dev.maxmind.com/ gives redirect loop (should check other
      addresses on that domain; I don’t know any examples so I can’t test them
      myself)
      2. Only geoip[1-4].maxmind.com exist; geoip[05-9].maxmind.com do not
      exist
   5. Maxymiser:
      1. Add subdomain ui61
      2. https://(www\.)?maxymiser\.com/ is mixed content; I don’t know if
      the insecure requests can be rewritten to eliminate the mixed content
      6. rfihub.com ruleset: Add these observed subdomains: 20508663p,
   20526237p
   7. Rubicon Project ruleset: https://www.rubiconproject.com/ is mixed
   content; I don’t know if the insecure requests can be rewritten to
   eliminate the mixed content
   8. SaleCycle ruleset: https://www.salecycle.com/ works but is mixed
   content

Maybe someone will work with this; otherwise, I’ll come back when I’ve
learned to make Git patches (I’m new to Linux).

--
Brian Drake

All content created by me:
Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>©
2014 Brian Drake. All rights reserved.

On Mon, Jan 13, 2014 at 0619 (UTC), Drake, Brian <brian at drakefamily.tk>wrote:

> I tried to create rules for everything on the shopping site boohoo.com.
>
> Attached are two rulesets. One is a collection of new rules for this site.
> The other one (the one marked “development”) is a collection of rules
> already in the development branch (this is to help users of the stable
> releases, which don’t include all the rules that are relevant to this site).
>
> As far as I can tell, everything on ((www|reporting)\.)?boohoo.com is
> available in HTTPS, but when I try to rewrite some of the requests (see the
> commented-out exclusions in the attached ruleset), they end up
> disappearing! Specifically, they don’t appear at all in the Web Console,
> where normally they would appear as HTTP requests.
>
> I have observed this on Firefox 25.0/HTTPS Everywhere 3.4.5 and Iceweasel
> 17.0.5/HTTPS Everywhere 3.1.4. The requests I am referring to are made when
> the user tries to add an item to the cart. When the requests fail due to my
> attempts to rewrite them, it is not possible to add an item to the cart.
>
> At least some of these are AJAX requests; when I make the requests
> manually, they give the expected response, even under HTTPS. But they don’t
> work as part of the page they’re included in.
>
> I have no idea why it is happening. Does anyone else have any idea?
>
> --
> Brian Drake
>
> All content created by me: Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>© 2014 Brian Drake. All rights reserved.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere-rules/attachments/20140113/697b6b16/attachment.html>

More information about the HTTPS-Everywhere-Rules mailing list