[HTTPS-Everywhere] Rewriting to data: instead of https: scheme
Seth David Schoen
schoen at eff.org
Fri Dec 10 10:37:59 PST 2010
Chris Palmer writes:
> I think I am missing something (again/as usual). HTTPS Everywhere
> replaces http: with data: now? That can't work; you have to
> base-64-encode the resource and put it in the URL, which the extension
> could only do by downloading it...
>
> Turning things into data: URLs is something servers have to do.
In this case, the rule author manually wrote a rule for one particular
image (that was the only thing causing the mixed content warning): he
manually downloaded that one image, converted it, and put the entire
image into an explicit data URI inside the rule!
However, this didn't work and we don't know why.
I wonder if sites would make a copyright claim against us if we started
shipping a lot of rules that did this. "Hey! That's OUR icon!"
--
Seth Schoen
Senior Staff Technologist schoen at eff.org
Electronic Frontier Foundation https://www.eff.org/
454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107
More information about the HTTPS-everywhere
mailing list