[HTTPS-Everywhere] Updates to Google.xml
Osama Khalid
osamak at gnu.org
Fri Dec 24 12:29:36 PST 2010
Hello,
I attached a patch to the Google Search ruleset. It fixes the
following:
* URLs like: http://www.google.com.sa/webhp?hl=ar are not currently
handled. Fixing that by adding a general pattern that handles
everything related to webhp and removing duplicated old patterns
(which will be handled by the new pattern).
* Using a webhp-like general pattern to merge two different patterns
that deal with "/search" and "/#".
* URLs like: http://www.google.com/firefox?q=test are not supposed to
preform a search query, but the ruleset currently redirects them to
https://encrypted.google.com/search?q=test. Fixing that by
redirecting them to https://encrypted.google.com/webhp?q=test
This patch is licensed under GPLv2+. All my future contributions to
the HTTPSEverywhere projects are under the same license unless
otherwise noted.
--Osama Khalid
-------------- next part --------------
diff --git a/src/chrome/content/rules/Google.xml b/src/chrome/content/rules/Google.xml
index 812669c..dd8e4c9 100644
--- a/src/chrome/content/rules/Google.xml
+++ b/src/chrome/content/rules/Google.xml
@@ -28,17 +28,14 @@
<!-- Some Google pages can generate naive links back to the
unencrypted version of encrypted.google.com, which is a
301 but theoretically vulnerable to SSL stripping. -->
-
<rule from="^http://encrypted\.google\.com/"
to="https://encrypted.google.com/"/>
<!-- The most basic case. -->
-
<rule from="^http://(www\.)?google\.com/search"
to="https://encrypted.google.com/search"/>
<!-- A very annoying exception that we seem to need for the basic case -->
-
<exclusion pattern="^http://(www\.)?google\.com/search.*tbs=shop" />
<exclusion pattern="^http://clients[0-9]\.google\.com/.*client=products.*" />
<exclusion pattern="^http://suggestqueries\.google\.com/.*client=products.*" />
@@ -50,34 +47,26 @@
<!-- But not the forums, bizarrely. -->
<exclusion pattern="^http://www\.google\.com/support/forum([\?/].*)?$"/>
- <!-- There are two distinct cases for these firefox searches -->
-
- <rule from="^http://(www\.)?google\.com/firefox/?$"
- to="https://encrypted.google.com/"/>
-
- <rule from="^http://(www\.)?google\.com/firefox"
- to="https://encrypted.google.com/search"/>
-
- <rule from="^http://(www\.)?google\.com/webhp"
+ <!-- Firefox homepage isn't currently available in HTTPS.-->
+ <rule from="^http://(www\.)?google\.com/firefox/?"
to="https://encrypted.google.com/webhp"/>
- <rule from="^http://(www\.)?google\.com/#"
- to="https://encrypted.google.com/#"/>
+ <!-- If any parameter (e.g. q or hl) is set in any Google domain,
+ move it to the encrypted domain.-->
+ <rule
+ from="^http://(www\.)?google(\.com?)?(\.[^/@:][^/@:])?/webhp"
+ to="https://encrypted.google.com/webhp" />
<rule from="^http://(www\.)?google\.com/$"
to="https://encrypted.google.com/"/>
- <!-- most google international sites look like "google.fr" -->
-
+ <!-- most google international sites look like "google.fr".
+ some look like "google.co.jp".
+ and some crazy ones like "google.com.au".-->
<rule
- from="^http://(www\.)?google\.[^/@:][^/@:]/(search\?|firefox|#)"
+ from="^http://(www\.)?google(\.com?)?(\.[^/@:][^/@:])?/(search\?|#)"
to="https://encrypted.google.com/#" />
- <!-- some look like "google.co.jp" -->
- <!-- and some crazy ones like "google.com.au" -->
- <rule
- from="^http://(www\.)?google\.com?\.[^/@:][^/@:]/(search\?|firefox|#)"
- to="https://encrypted.google.com/#" />
<!-- Completion urls look like this:
http://clients2.google.co.jp/complete/search?hl=ja&client=hp&expIds=17259,24660,24729,24745&q=m&cp=1 HTTP/1.1\r\n
More information about the HTTPS-everywhere
mailing list