[HTTPS-Everywhere] Stupid Perl Tricks: ssl_check2.pl

Whizz Mo https at whizzmo.com
Wed Nov 10 19:41:25 PST 2010


Would a blurb like this in the report section work?

Note:  The following hosts resolved to multiple IP addresses.  Results for
these hosts may need to be verified for consistency.
   a0.twimg.com  209.170.97.173, 209.170.97.183
   a1.twimg.com  204.160.114.126, 204.160.103.126
   a2.twimg.com  209.170.97.192, 209.170.97.189
   a3.twimg.com  204.160.103.126, 204.160.114.126
   twitter.com   168.143.162.36, 128.242.240.212, 128.242.245.116

From a couple of runs through this url, it seems that the hosts in the
209.170.* range seem to work, but the hosts in the 204.160.* range do not.
YMMV.

Code v 0.03 attached.

On Wed, Nov 10, 2010 at 7:04 PM, Whizz Mo <https at whizzmo.com> wrote:
>
> Yes, the setup that Twitter runs is beyond my script's recognition
> abilities.  I suppose that I could put in IP range matching logic to check
> if the hostname resolves to something in Amazon's cloud, but I don't really
> want to maintain an IP range list over time.  I'm hoping that the current
> output (with the partial string display) is enough to point people in the
> right direction.
>
> On Wed, Nov 10, 2010 at 6:23 PM, Seth David Schoen <schoen at eff.org> wrote:
>>
>> Whizz Mo writes:
>>
>> >         Here are 80 bytes from both strings, starting at offset 1732:
>> >                 http:    ref="http://a1.twimg.com/a/1289433550/images/twitter_57.png" rel="apple-touch-ic
>> >                 https:  ref="https://s3.amazonaws.com/twitter_production/a/1289433550/images/twitter_57.
>> >
>> > Note that the starting byte of each listed string is 10 chars before the
>> > variance occurs.   For sites with rotating ad banners, this may be an
>> > issue.
>>
>> This particular discrepancy is actually an HTTP/HTTPS issue; these
>> hosts are both Amazon S3 but the latter is the HTTPS name for the
>> same resource.  For this particular image -- unlike many others --
>> Twitter realized that it should generate the HTTPS name for the
>> image resource in order to avoid a mixed-content warning.
>>
>> --
>> Seth Schoen
>> Senior Staff Technologist                         schoen at eff.org
>> Electronic Frontier Foundation                    https://www.eff.org/
>> 454 Shotwell Street, San Francisco, CA  94110     +1 415 436 9333 x107
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl_check2.pl
Type: application/octet-stream
Size: 14420 bytes
Desc: not available
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20101110/7f3cc1bb/attachment.obj>
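
The two report features discussed in this message, as an added Python illustration (not the attached ssl_check2.pl, whose source is not shown here): the excerpt that starts 10 characters before the first HTTP/HTTPS variance, and the note listing hosts that resolved to multiple addresses. Function names, the sample bodies and the `ignore_scheme` option are assumptions; `ignore_scheme` goes beyond what the thread describes, hiding scheme-only URL rewrites so the next real difference is shown.

```python
import re
from itertools import zip_longest

def first_divergence(a, b):
    """Index of the first differing character, or None if the strings match."""
    for i, (x, y) in enumerate(zip_longest(a, b)):
        if x != y:
            return i
    return None

def divergence_excerpt(http_body, https_body, lead=10, width=80, ignore_scheme=False):
    """Return the offset and `width` chars of each body, starting `lead` chars
    before the first variance. ignore_scheme (an addition, not described in the
    thread) rewrites http:// to https:// in both bodies first."""
    if ignore_scheme:
        http_body = re.sub(r"\bhttp://", "https://", http_body)
        https_body = re.sub(r"\bhttp://", "https://", https_body)
    idx = first_divergence(http_body, https_body)
    if idx is None:
        return None
    start = max(0, idx - lead)
    return {"offset": start,
            "http": http_body[start:start + width],
            "https": https_body[start:start + width]}

def multi_ip_note(resolutions):
    """Report lines for hosts that resolved to more than one distinct address."""
    rows = [(h, sorted(set(ips))) for h, ips in sorted(resolutions.items())
            if len(set(ips)) > 1]
    if not rows:
        return []
    pad = max(len(h) for h, _ in rows) + 2
    return [f"   {h:<{pad}}{', '.join(ips)}" for h, ips in rows]

# Constructed sample bodies, modelled on the excerpt quoted in the thread.
HTTP_BODY = '<link href="http://a1.twimg.com/a/1/images/t.png" rel="icon">'
HTTPS_BODY = ('<link href="https://s3.amazonaws.com/twitter_production'
              '/a/1/images/t.png" rel="icon">')
# a0.twimg.com addresses are copied from the report above; example.org is constructed.
RESOLVED = {"a0.twimg.com": ["209.170.97.173", "209.170.97.183"],
            "example.org": ["192.0.2.10"]}

if __name__ == "__main__":
    print(divergence_excerpt(HTTP_BODY, HTTPS_BODY))
    print(divergence_excerpt(HTTP_BODY, HTTPS_BODY, ignore_scheme=True))
    print("\n".join(multi_ip_note(RESOLVED)))
```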

