[HTTPS-Everywhere] Stupid Perl Tricks: ssl_check2.pl
Whizz Mo
https at whizzmo.com
Fri Nov 12 00:00:22 PST 2010
This script is *very *naive at this stage ("Experimental use only"). For
sites that alter content on a per-request basis (e.g. ad banners, RSS feeds)
or by connection type (e.g. twitter serving images from amazomaws for HTTPS
requests), this script will report "failures". This simply means that the
content hash for a particular resource differed between the HTTP and HTTPS
request. The page may yet work perfectly in HTTPS-only mode in a
full-featured browser. My script doesn't have the fuzzier logic necessary
to compute a "close enough" threshold for differences between items... yet.
This script is very much a work in progress. I apologize if I didn't make
that clear in earlier postings.
Thanks,
Whizz
Footnote: When I run the script against http://www.isecpartners.com/, it
returns only a success report. What failure does it display for you?
On Thu, Nov 11, 2010 at 2:46 PM, Chris Palmer <chris at eff.org> wrote:
> On Nov 10, 2010, at 7:41 PM, Whizz Mo wrote:
>
> > Code v 0.03 attached.
>
> On every URL, I get some kind of failure. Try http://www.isecpartners.com/,
> http://www.eff.org/, http://mail.google.com/, and so on. They all seem to
> fail differently.
>
> Should we stick with 0.02? Are these known problems?
>
>
> --
> Chris Palmer
> Technology Director, Electronic Frontier Foundation
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20101112/164b3291/attachment.html>
More information about the HTTPS-everywhere
mailing list