[HTTPS-E Rulesets] Fwd: icabanken.se

Tue Jan 14 10:37:24 PST 2014

I have now tested this ruleset:

<ruleset name="ICA Banken">
<target host="www.icabanken.se"/>
 <target host="icabanken.se"/>
 <rule from="^http://(www\.)?icabanken\.se/" to="https://www.icabanken.se/"
/>
<securecookie host="^(.*\.)?icabanken\.se$" name=".*" />
</ruleset>

… with Firefox 26 and HTTPS Everywhere 4.0development.14. The rule works,
but I don’t know how to check if the securecookie-rule is correct and works
as intended.

Thank you Brian for your guidance and your patience.

Thanks and regards,
Joakim

2014/1/14 Drake, Brian <brian at drakefamily.tk>

> Yes, both <target> elements are required. As I understand it, they tell
> the software which rulesets to process. Therefore, if you are missing the
> one without “www”, then when you have a request to http://icabanken.se/,
> the software won’t process this ruleset at all.
>
> I had a quick look at the site and its cookies and there seems to be no
> indication of any other subdomains.
>
> So it would probably be a good idea to install the ruleset with the
> <securecookie> tag and test it, if you haven’t done that already.
>
> --
> Brian Drake
>
> All content created by me: Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>© 2014 Brian Drake. All rights reserved.
>
> On Tue, Jan 14, 2014 at 1627 (UTC), Joakim Walldén <
> joakim.wallden at gmail.com> wrote:
>
>> Thanks.
>>
>>  So <target host="icabanken.se"/>, without “www”, must be included,
>> although only www.icabanken.se is available.
>>
>> <ruleset name="ICABANKEN.se">
>> <target host="www.icabanken.se"/>
>>  <target host="icabanken.se"/>
>>  <rule from="^http://icabanken\.se/" to="https://www.icabanken.se/"/>
>>  <rule from="^http://www\.icabanken\.se/" to="https://www.icabanken.se/
>> "/>
>> </ruleset>
>>
>> Or, with the suggested combined rule:
>>
>> <ruleset name="ICABANKEN.se">
>>  <target host="www.icabanken.se"/>
>> <target host="icabanken.se"/>
>>  <rule from="^http://(www\.)?icabanken\.se/" to="
>> https://www.icabanken.se/" />
>> </ruleset>
>>
>> Secure cookie, maybe
>>
>> <securecookie host="^(.*\.)?icabanken\.se$" name=".*" />
>>
>> As far as I have seen, the entire site is available over HTTPS. Most
>> links on the page lead to HTTP, unless the user is logged in. However, I
>> have the domain added to Chrome’s HSTS-list, and that works well. I am not
>> aware of any subdomains, only www.icabanken.se.
>>
>> Thanks and regards,
>> Joakim
>>
>>
>> 2014/1/13 (UTC) Drake, Brian <brian at drakefamily.tk>
>>
>> It looks good, except that you are missing <target host="icabanken.se"
>>> />.
>>>
>>> Again, you could combine the rules:
>>>
>>> <rule from="^http://(www\.)?icabanken\.se/" to="
>>> https://www.icabanken.se/" />
>>>
>>> This does the same thing as the separate rules, but in one rule.
>>>
>>> If the entire site is available over HTTPS, you should secure the
>>> cookies (but I don’t have much experience myself in that area).
>>>
>>> <securecookie host="^(.*\.)?icabanken\.se$" name=".*" />
>>>
>>> Remember to consider any other subdomains of icabanken.se when you do
>>> that.
>>>
>>> --
>>> Brian Drake
>>>
>>> All content created by me: Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>© 2014 Brian Drake. All rights reserved.
>>>
>>> On Mon, Jan 13, 2014 at 1417 (UTC), Joakim Walldén <
>>> joakim.wallden at gmail.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> I suggest adding a ruleset for icabanken.se.
>>>>
>>>> <ruleset name="ICABANKEN.se">
>>>>  <target host="www.icabanken.se"/>
>>>>  <rule from="^http://icabanken\.se/" to="https://www.icabanken.se/"/>
>>>>  <rule from="^http://www\.icabanken\.se/" to="https://www.icabanken.se/
>>>> "/>
>>>> </ruleset>
>>>>
>>>> I hope it is correctly created.
>>>>
>>>> Thanks and regards,
>>>> Joakim
>>>>
>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere-rules/attachments/20140114/cc77af70/attachment.html>