[HTTPS-Everywhere] Github rule
Seth David Schoen
schoen at eff.org
Mon Oct 25 12:37:33 PDT 2010
Eitan Adler writes:
> I attached a rule for securing github's site
>
> --
> Eitan Adler
> <ruleset name="Github">
> <rule from="^http://(www\.)?github\.com/" to="https://github.com/"/>
> </ruleset>
This rule doesn't work -- GitHub resources in subdirectories don't
support HTTPS. I know this because I tried
https://github.com/mikecardwell/HTTPS-Everywhere-Rules/commits/my-new-rules
when Mike Cardwell started contributing rules.
See also things like
https://github.com/training
Maybe this is different for logged-in users. There are several sites
that support or require HTTPS if you're logged in but not if you're an
anonymous user. However, there may not be a way to make this
distinction on the basis of URLs alone.
--
Seth Schoen
Senior Staff Technologist schoen at eff.org
Electronic Frontier Foundation https://www.eff.org/
454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107
More information about the HTTPS-everywhere
mailing list