[HTTPS-E Rulesets] Fwd: icabanken.se

Joakim Walldén joakim.wallden at gmail.com
Mon Jan 13 08:27:09 PST 2014 

Thanks.

So <target host="icabanken.se"/>, without “www”, must be included, although
only www.icabanken.se is available.

<ruleset name="ICABANKEN.se">
<target host="www.icabanken.se"/>
 <target host="icabanken.se"/>
 <rule from="^http://icabanken\.se/" to="https://www.icabanken.se/"/>
 <rule from="^http://www\.icabanken\.se/" to="https://www.icabanken.se/"/>
</ruleset>

Or, with the suggested combined rule:

<ruleset name="ICABANKEN.se">
 <target host="www.icabanken.se"/>
<target host="icabanken.se"/>
 <rule from="^http://(www\.)?icabanken\.se/" to="https://www.icabanken.se/"
/>
</ruleset>

Secure cookie, maybe

<securecookie host="^(.*\.)?icabanken\.se$" name=".*" />

As far as I have seen, the entire site is available over HTTPS. Most links
on the page lead to HTTP, unless the user is logged in. However, I have the
domain added to Chrome’s HSTS-list, and that works well. I am not aware of
any subdomains, only www.icabanken.se.

Thanks and regards,
Joakim


2014/1/13 Drake, Brian <brian at drakefamily.tk>

It looks good, except that you are missing <target host="icabanken.se" />.
>
> Again, you could combine the rules:
>
> <rule from="^http://(www\.)?icabanken\.se/" to="https://www.icabanken.se/"
> />
>
> This does the same thing as the separate rules, but in one rule.
>
> If the entire site is available over HTTPS, you should secure the cookies
> (but I don’t have much experience myself in that area).
>
> <securecookie host="^(.*\.)?icabanken\.se$" name=".*" />
>
> Remember to consider any other subdomains of icabanken.se when you do
> that.
>
> --
> Brian Drake
>
> All content created by me: Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>© 2014 Brian Drake. All rights reserved.
>
> On Mon, Jan 13, 2014 at 1417 (UTC), Joakim Walldén <
> joakim.wallden at gmail.com> wrote:
>
>> Hi,
>>
>> I suggest adding a ruleset for icabanken.se.
>>
>> <ruleset name="ICABANKEN.se">
>>  <target host="www.icabanken.se"/>
>>  <rule from="^http://icabanken\.se/" to="https://www.icabanken.se/"/>
>>  <rule from="^http://www\.icabanken\.se/" to="https://www.icabanken.se/
>> "/>
>> </ruleset>
>>
>> I hope it is correctly created.
>>
>> Thanks and regards,
>> Joakim
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere-rules/attachments/20140113/8d21bff4/attachment-0001.html>

More information about the HTTPS-Everywhere-Rules mailing list