[HTTPS-Everywhere] Rewriting to data: instead of https: scheme
Chris Palmer
chris at eff.org
Fri Dec 10 10:33:46 PST 2010
On 12/10/2010 12:58 AM, Seth David Schoen wrote:
>> The issue I have is that the secure form at
>> https://secure.vimeo.com/log_in includes
>> http://a.vimeocdn.com/images/land_cloud.png and thus does not get
>> the "secure connection" badge. (See my attempt to work around this.)
>> But while clicking on the cloud image shows that the extension
>> replaced it with the local data: URI, Firefox still doesn't show the
>> badge.
>>
>> Is this a bug in Firefox, or did I miss something (in the rule) ?
>
> This is a fascinating idea. Does anybody know why it doesn't work?
I think I am missing something (again/as usual). HTTPS Everywhere
replaces http: with data: now? That can't work; you have to
base-64-encode the resource and put it in the URL, which the extension
could only do by downloading it...
Turning things into data: URLs is something servers have to do.
More information about the HTTPS-everywhere
mailing list