[HTTPS-Everywhere] HTTPS Everywhere for Chromium

Adam Langley agl at imperialviolet.org
Fri Nov 26 08:55:34 PST 2010 

At the moment I don't believe that any of the experimental Chromium
extension APIs[1] are sufficient to support HTTPS Everywhere and that
there aren't any other plans to support it in Chromium.

In order to support HTTPS Everywhere in Chromium we have to live with
some limitations which don't affect Firefox:

1) Chromium will not let extensions excessively slow down normal
execution. That means that it won't perform a round-trip to an
extension process for each URL request in order to allow the extension
to manipulate the request.

2) Serialising and re-parsing URLs is very scary from a security point
of view. It would be greatly preferable to handle URLs in their
processed form.

3) I'm not going to put a regexp engine into the Chromium networking
stack for complexity reasons.

Based on this, I believe that it would be possible to support a
limited form of request rewriting by extensions. The rewrite rules
would have to be loaded into the networking stack, operate on parsed
URLs and be much more limited than full regexps. As a short
proof-of-concept I have attached a toy program which can process XML
rules into such a format. Here's an example of the output:

// Scroogle http://(www\.)?scroogle\.org/cgi-bin/nbbw\.cgi$
https://ssl.scroogle.org/cgi-bin/nbbwssl.cgi
{
  "match": {
    "scheme": "http",
    "domain": "www.scroogle.org",
    "path": "/cgi-bin/nbbw.cgi",
  },
  "substitute": {
    "scheme": "https",
    "domain": "ssl.scroogle.org",
    "matchedPath": "/cgi-bin/nbbwssl.cgi",
  },
},
// Scroogle http://(www\.)?scroogle\.org/cgi-bin/nbbw\.cgi$
https://ssl.scroogle.org/cgi-bin/nbbwssl.cgi
{
  "match": {
    "scheme": "http",
    "domain": "scroogle.org",
    "path": "/cgi-bin/nbbw.cgi",
  },
  "substitute": {
    "scheme": "https",
    "domain": "ssl.scroogle.org",
    "matchedPath": "/cgi-bin/nbbwssl.cgi",
  },
},

For the given regexp, the code generates all possible matching inputs
(i.e. with, and without the "www."), applies the substitution to each
and diffs the input and output to generate a rule.

Many rules can be expressed in this simple form. Some exceptions:

1) Anything dealing with query parameters for now
2) Rules which cannot be reasonably enumerated:

Skipping http://www\.google\.com/cse/intl/([^/:@][^/:@])/images/google_custom_search_watermark\.gif$
due to remaining repeats or charsets

(although the case of "[^@:/]*" in the domain is specifically handled.)

3) Trying to substitute parts of the domain into the path (in the
"Wikipedia" ruleset)

There are also some cases which I believe are mistakes in the current
rules. For example, some rules attempt to remap HTTPS urls:

2010/11/26 11:34:08 Rule 'https?://(de-de|www\.)?facebook\.de/' in
'Facebook' maps non-HTTP urls (e.g. https://de-defacebook.de/)
2010/11/26 11:34:08 Rule 'https?://de-de\.facebook\.com/' in
'Facebook' maps non-HTTP urls (e.g. https://de-de.facebook.com/)
2010/11/26 11:34:08 Rule 'https?://(fr-fr|www\.)?facebook\.fr/' in
'Facebook' maps non-HTTP urls (e.g. https://fr-frfacebook.fr/)
2010/11/26 11:34:08 Rule 'https?://fr-fr\.facebook\.com/' in
'Facebook' maps non-HTTP urls (e.g. https://fr-fr.facebook.com/)
2010/11/26 11:34:08 Rule 'https?://finance\.google\.com/' in
'GoogleServices' maps non-HTTP urls (e.g. https://finance.google.com/)
2010/11/26 11:34:08 Rule 'https?://finance\.google\.co\.uk/' in
'GoogleServices' maps non-HTTP urls (e.g.
https://finance.google.co.uk/)

(Note also that the Facebook rules appear to also be missing a period
after, say, "de-de". Since I'm not sure if these are considered to be
errors I haven't attached a patch to fix them, but can do if
requested.)

Comments? I can't guarantee that Chromium would actually implement
this: the extensions folks may have other ideas.


AGL

[1] http://code.google.com/chrome/extensions/api_index.html#experimental

-- 
Adam Langley agl at imperialviolet.org http://www.imperialviolet.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: process.go
Type: application/octet-stream
Size: 12108 bytes
Desc: not available
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20101126/8d53b228/attachment.obj>

More information about the HTTPS-everywhere mailing list