[HTTPS-Everywhere] What does "([^/:@\.]+)\" and "$1" do?

Colonel Graff graffatcolmingov at gmail.com
Wed Aug 17 06:00:25 PDT 2011 

On Wed, Aug 17, 2011 at 8:53 AM, Victor Garin <vic.garin at gmail.com> wrote:

> <rule from="^http://([^/:@\.]+\.)*faxzero\.com/" to="https://$
> 1.faxzero.com" />
>
> causes redirect to:
>
> https://.faxzero.com/
>
> But I don't want there to be a dot before the main domain if there is
> no subdomain.
>
My bad. Quick question though, does faxzero have any subdomains? I'm no
familiar with it. If it doesn't, you can just use the
http://(www\.)?fazero\.com -> https://www.faxzero.com
If it does have subdomains then you can use the from that is listed above
and this to: https://$1faxzero.com

>
> =============
>
> >> What does "(www\.)?" do?
> >
> > This allows you to go to both google.com and www.google.com and either
> way
> > find yourself at encrypted.google.com (which is HTTPS).
> > The ? says that the preceding item should be matched 0 or 1 times.
> >
> >>
> >> Removing the www from all the rulesets will still work right?
> >>
> > Not when you type in www.google.com
> >>
> >>
>
> So is there a way to write a rule that forces it on all subdomains, no
> exceptions?
>
> You mean what you're trying to do right now with what's listed above?

> A simple asterix * should be able to do the trick; so a rule written
> in a simple form should look like this:
>
> <rule from="http://*faxzero.com/" to="https://*faxzero.com" />
>
This isn't Bash. If you know sed, perl, awk, python's re library, C's regexp
library, or even vim's :s command, you would know this doesn't apply. Hell
even in Bash you couldn't use the * in the to="" field.

If you wanted the rule to match absolutely anything - including email
addresses, forward slashes and colons - you could just do
<rule from="^http://(.*)faxzero\.com/" to "https://$1faxzero.com" />

But that isn't the smart way of doing it.

>
> But I am sure it won't work. Can you explain why?
>
> On Wed, Aug 17, 2011 at 5:45 AM, Colonel Graff
> <graffatcolmingov at gmail.com> wrote:
> >
> >
> > On Wed, Aug 17, 2011 at 8:39 AM, Victor Garin <vic.garin at gmail.com>
> wrote:
> >>
> >> You mean like this:
> >>
> >> <ruleset name="FaxZero">
> >>  <target host="faxzero.com" />
> >>  <target host="*.faxzero.com" />
> >>  <rule from="^http://([^/:@\.]+\.)*.faxzero\.com/"
> >> to="https://$1.faxzero.com/"/>
> >> </ruleset>
> >>
> > Try
> > <rule from="^http://([^/:@\.]+\.)*faxzero\.com/" to="https://$
> 1.faxzero.com"
> > />
> >>
> >> The above rule still does not work.
> >>
> >> Also, now the green check box does show up in HTTPS Everywhere when I
> >> go to faxzero.com.
> >>
> >> ---------------
> >>
> >> Also why do most of the rules have this: "(www\.)?"
> >>
> >> What does "(www\.)?" do?
> >
> > This allows you to go to both google.com and www.google.com and either
> way
> > find yourself at encrypted.google.com (which is HTTPS).
> > The ? says that the preceding item should be matched 0 or 1 times.
> >
> >>
> >> Removing the www from all the rulesets will still work right?
> >>
> > Not when you type in www.google.com
> >>
> >>
> >> On Tue, Aug 16, 2011 at 4:23 PM, Andrew Sillers <apsillers at gmail.com>
> >> wrote:
> >> > Whoops, my mistake -- thanks for the correction.  Also, it doesn't
> match
> >> > unlimited subdomains, as I suggested earlier; it matches just one.  To
> >> > catch
> >> > arbitrarily many subdomains in a hostname, using a "*" instead of a
> "?"
> >> > should do the trick: ([^/:@\.]+\.)*
> >> >
> >> > Andrew
> >> >
> >> > On Tue, Aug 16, 2011 at 4:46 PM, Peter Eckersley <pde at eff.org> wrote:
> >> >>
> >> >> On Tue, Aug 16, 2011 at 04:38:45PM -0400, Andrew Sillers wrote:
> >> >> > Victor,
> >> >> >
> >> >> > Try removing the "\." before "faxzero" and adding a question mark
> in
> >> >> > its
> >> >> > place: ([^/:@\.]+)?
> >> >>
> >> >> Don't remove the "\." -- instead put it inside the parentheses.  If
> you
> >> >> have a
> >> >> subdomain, you want the dot.
> >> >>
> >> >> >
> >> >> > Similarly, eliminate the "\." before "faxzero" in the "to" part of
> >> >> > the
> >> >> > rule.
> >> >> >
> >> >> > Right now, your rule requires something to precede the main domain;
> >> >> > the
> >> >> > question mark will make a subdomain optional.  (Specifically,
> >> >> > ([^/:@\.]+)
> >> >> > grabs all subdommains and excludes authentication credentials,
> which
> >> >> > use
> >> >> > "@"
> >> >> > and ":".)
> >> >> >
> >> >> > The $1 is a regular expression backreference (
> >> >> > http://www.regular-expressions.info/brackets.html), which is used
> to
> >> >> > represent the first parenthesized clause in the "from" regex -- in
> >> >> > this
> >> >> > case, all the subdomains, grabbed by ([^/:@\.]+).
> >> >> >
> >> >> > Andrew
> >> >> >
> >> >> > On Tue, Aug 16, 2011 at 4:19 PM, Victor Garin <vic.garin at gmail.com
> >
> >> >> > wrote:
> >> >> >
> >> >> > > When I started, I used the below rule as an example, because it
> >> >> > > used
> >> >> > > to encrypt all the subdomains:
> >> >> > >
> >> >> > > <ruleset name="Netflix">
> >> >> > >  <target host="netflix.com" />
> >> >> > >  <target host="*.netflix.com" />
> >> >> > >  <rule from="^http://([^/:@\.]+)\.netflix\.com/" to="https://$
> >> >> > > 1.netflix.com/"/>
> >> >> > > </ruleset>
> >> >> > >
> >> >> > > I assumed it also encrypted the main domain, but that doesn't
> seem
> >> >> > > to
> >> >> > > be the case for example here:
> >> >> > >
> >> >> > > <ruleset name="FaxZero">
> >> >> > >  <target host="faxzero.com" />
> >> >> > >  <target host="*.faxzero.com" />
> >> >> > >  <rule from="^http://([^/:@\.]+)\.faxzero\.com/" to="https://$
> >> >> > > 1.faxzero.com/"/>
> >> >> > > </ruleset>
> >> >> > >
> >> >> > >
> >> >> > > i.e. browsing to http://faxzero.com does nothing?
> >> >> > >
> >> >> > > What does "([^/:@\.]+)\" and "$1" do?
> >> >> > >
> >> >> > > Is there a way, to write in the same line, to redirect the main
> >> >> > > domain
> >> >> > > to https also? Or does the main domain rule, have to be in a new
> >> >> > > line?
> >> >> > > _______________________________________________
> >> >> > > HTTPS-everywhere mailing list
> >> >> > > HTTPS-everywhere at mail1.eff.org
> >> >> > > https://mail1.eff.org/mailman/listinfo/https-everywhere
> >> >> > >
> >> >>
> >> >> > _______________________________________________
> >> >> > HTTPS-everywhere mailing list
> >> >> > HTTPS-everywhere at mail1.eff.org
> >> >> > https://mail1.eff.org/mailman/listinfo/https-everywhere
> >> >>
> >> >>
> >> >> --
> >> >> Peter Eckersley                            pde at eff.org
> >> >> Technology Projects Director      Tel  +1 415 436 9333 x131
> >> >> Electronic Frontier Foundation    Fax  +1 415 436 9993
> >> >
> >> >
> >> _______________________________________________
> >> HTTPS-everywhere mailing list
> >> HTTPS-everywhere at mail1.eff.org
> >> https://mail1.eff.org/mailman/listinfo/https-everywhere
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20110817/f9651414/attachment.html>

More information about the HTTPS-everywhere mailing list