[HTTPS-Everywhere] Stupid Perl Tricks: ssl_check2.pl
Whizz Mo
https at whizzmo.com
Wed Nov 10 19:41:25 PST 2010
Would a blurb like this in the report section work?
Note: The following hosts resolved to multiple IP addresses. Results for
these hosts may need to be verified for consistency.
a0.twimg.com 209.170.97.173, 209.170.97.183
a1.twimg.com 204.160.114.126, 204.160.103.126
a2.twimg.com 209.170.97.192, 209.170.97.189
a3.twimg.com 204.160.103.126, 204.160.114.126
twitter.com 168.143.162.36, 128.242.240.212, 128.242.245.116
>From a couple of runs through this url, it seems that the hosts in the
209.170.* range seem to work, but the hosts in the 204.160.* range do not.
YMMV.
Code v 0.03 attached.
On Wed, Nov 10, 2010 at 7:04 PM, Whizz Mo <https at whizzmo.com> wrote:
>
> Yes, the setup that Twitter runs is beyond my script's recognition
abilities. I suppose that I could put in IP range matching logic to check
if the hostname resolves to something in Amazon's cloud, but I don't really
want to maintain an IP range list over time. I'm hoping that the current
output (with the partial string display) is enough to point people in the
right direction.
>
> On Wed, Nov 10, 2010 at 6:23 PM, Seth David Schoen <schoen at eff.org> wrote:
>>
>> Whizz Mo writes:
>>
>> > Here are 80 bytes from both strings, starting at offset 1732:
>> > http: ref="
>> > http://a1.twimg.com/a/1289433550/images/twitter_57.png"
rel="apple-touch-ic
>> > https: ref="
>> >
https://s3.amazonaws.com/twitter_production/a/1289433550/images/twitter_57.
>> >
>> > Note that the starting byte of each listed string is 10 chars before
the
>> > variance occurs. For sites with rotating ad banners, this may be an
>> > issue.
>>
>> This particular discrepancy is actually an HTTP/HTTPS issue; these
>> hosts are both Amazon S3 but the latter is the HTTPS name for the
>> same resource. For this particular image -- unlike many others --
>> Twitter realized that it should generate the HTTPS name for the
>> image resource in order to avoid a mixed-content warning.
>>
>> --
>> Seth Schoen
>> Senior Staff Technologist schoen at eff.org
>> Electronic Frontier Foundation https://www.eff.org/
>> 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20101110/7f3cc1bb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl_check2.pl
Type: application/octet-stream
Size: 14420 bytes
Desc: not available
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20101110/7f3cc1bb/attachment.obj>
More information about the HTTPS-everywhere
mailing list