[HTTPS-Everywhere] What does "([^/:@\.]+)\" and "$1" do?

Victor Garin vic.garin at gmail.com
Wed Aug 17 06:34:18 PDT 2011 

So I was testing the new rule you suggested, to force unlimited
subdomains on Netflix (see "Add Netflix sub-sub domain support i.e.
ca.movies.netflix.com (Netflix Canada)" -
https://mail1.eff.org/pipermail/https-everywhere-rules/2011-July/000429.html
):

<ruleset name="NetflixAll">
  <target host="netflix.com" />
  <target host="*.netflix.com" />
  <rule from="^http://(([^/:@\.]+\.)*)netflix\.com/"
to="https://$1netflix.com" />
</ruleset>

But then after logging in I get this url:

https://movies.netflix.comwihome/

I don't suppose you have a Netflix US or Canadian account to test this?

On Wed, Aug 17, 2011 at 6:01 AM, Andrew Sillers <apsillers at gmail.com> wrote:
> Remove the first period in the "to" expression.
> Also, I just realized that when using the * to match unlimited subdomains,
> the backreference $1 will only yield the rightmost subdomain.  If you need
> unlimit subdomain matching, do:
> <rule from="^http://(([^/:@\.]+\.)*)faxzero\.com/"
> to="https://$1faxzero.com" />
> Just add an another set of parentheses around the sudomain expression and
> the star.
>
> On Wed, Aug 17, 2011 at 8:53 AM, Victor Garin <vic.garin at gmail.com> wrote:
>>
>> <rule from="^http://([^/:@\.]+\.)*faxzero\.com/"
>> to="https://$1.faxzero.com" />
>>
>> causes redirect to:
>>
>> https://.faxzero.com/
>>
>> But I don't want there to be a dot before the main domain if there is
>> no subdomain.
>>
>> =============
>>
>> >> What does "(www\.)?" do?
>> >
>> > This allows you to go to both google.com and www.google.com and either
>> > way
>> > find yourself at encrypted.google.com (which is HTTPS).
>> > The ? says that the preceding item should be matched 0 or 1 times.
>> >
>> >>
>> >> Removing the www from all the rulesets will still work right?
>> >>
>> > Not when you type in www.google.com
>> >>
>> >>
>>
>> So is there a way to write a rule that forces it on all subdomains, no
>> exceptions?
>>
>> A simple asterix * should be able to do the trick; so a rule written
>> in a simple form should look like this:
>>
>> <rule from="http://*faxzero.com/" to="https://*faxzero.com" />
>>
>> But I am sure it won't work. Can you explain why?
>>
>> On Wed, Aug 17, 2011 at 5:45 AM, Colonel Graff
>> <graffatcolmingov at gmail.com> wrote:
>> >
>> >
>> > On Wed, Aug 17, 2011 at 8:39 AM, Victor Garin <vic.garin at gmail.com>
>> > wrote:
>> >>
>> >> You mean like this:
>> >>
>> >> <ruleset name="FaxZero">
>> >>  <target host="faxzero.com" />
>> >>  <target host="*.faxzero.com" />
>> >>  <rule from="^http://([^/:@\.]+\.)*.faxzero\.com/"
>> >> to="https://$1.faxzero.com/"/>
>> >> </ruleset>
>> >>
>> > Try
>> > <rule from="^http://([^/:@\.]+\.)*faxzero\.com/"
>> > to="https://$1.faxzero.com"
>> > />
>> >>
>> >> The above rule still does not work.
>> >>
>> >> Also, now the green check box does show up in HTTPS Everywhere when I
>> >> go to faxzero.com.
>> >>
>> >> ---------------
>> >>
>> >> Also why do most of the rules have this: "(www\.)?"
>> >>
>> >> What does "(www\.)?" do?
>> >
>> > This allows you to go to both google.com and www.google.com and either
>> > way
>> > find yourself at encrypted.google.com (which is HTTPS).
>> > The ? says that the preceding item should be matched 0 or 1 times.
>> >
>> >>
>> >> Removing the www from all the rulesets will still work right?
>> >>
>> > Not when you type in www.google.com
>> >>
>> >>
>> >> On Tue, Aug 16, 2011 at 4:23 PM, Andrew Sillers <apsillers at gmail.com>
>> >> wrote:
>> >> > Whoops, my mistake -- thanks for the correction.  Also, it doesn't
>> >> > match
>> >> > unlimited subdomains, as I suggested earlier; it matches just one.
>> >> > To
>> >> > catch
>> >> > arbitrarily many subdomains in a hostname, using a "*" instead of a
>> >> > "?"
>> >> > should do the trick: ([^/:@\.]+\.)*
>> >> >
>> >> > Andrew
>> >> >
>> >> > On Tue, Aug 16, 2011 at 4:46 PM, Peter Eckersley <pde at eff.org> wrote:
>> >> >>
>> >> >> On Tue, Aug 16, 2011 at 04:38:45PM -0400, Andrew Sillers wrote:
>> >> >> > Victor,
>> >> >> >
>> >> >> > Try removing the "\." before "faxzero" and adding a question mark
>> >> >> > in
>> >> >> > its
>> >> >> > place: ([^/:@\.]+)?
>> >> >>
>> >> >> Don't remove the "\." -- instead put it inside the parentheses.  If
>> >> >> you
>> >> >> have a
>> >> >> subdomain, you want the dot.
>> >> >>
>> >> >> >
>> >> >> > Similarly, eliminate the "\." before "faxzero" in the "to" part of
>> >> >> > the
>> >> >> > rule.
>> >> >> >
>> >> >> > Right now, your rule requires something to precede the main
>> >> >> > domain;
>> >> >> > the
>> >> >> > question mark will make a subdomain optional.  (Specifically,
>> >> >> > ([^/:@\.]+)
>> >> >> > grabs all subdommains and excludes authentication credentials,
>> >> >> > which
>> >> >> > use
>> >> >> > "@"
>> >> >> > and ":".)
>> >> >> >
>> >> >> > The $1 is a regular expression backreference (
>> >> >> > http://www.regular-expressions.info/brackets.html), which is used
>> >> >> > to
>> >> >> > represent the first parenthesized clause in the "from" regex -- in
>> >> >> > this
>> >> >> > case, all the subdomains, grabbed by ([^/:@\.]+).
>> >> >> >
>> >> >> > Andrew
>> >> >> >
>> >> >> > On Tue, Aug 16, 2011 at 4:19 PM, Victor Garin
>> >> >> > <vic.garin at gmail.com>
>> >> >> > wrote:
>> >> >> >
>> >> >> > > When I started, I used the below rule as an example, because it
>> >> >> > > used
>> >> >> > > to encrypt all the subdomains:
>> >> >> > >
>> >> >> > > <ruleset name="Netflix">
>> >> >> > >  <target host="netflix.com" />
>> >> >> > >  <target host="*.netflix.com" />
>> >> >> > >  <rule from="^http://([^/:@\.]+)\.netflix\.com/" to="https://$
>> >> >> > > 1.netflix.com/"/>
>> >> >> > > </ruleset>
>> >> >> > >
>> >> >> > > I assumed it also encrypted the main domain, but that doesn't
>> >> >> > > seem
>> >> >> > > to
>> >> >> > > be the case for example here:
>> >> >> > >
>> >> >> > > <ruleset name="FaxZero">
>> >> >> > >  <target host="faxzero.com" />
>> >> >> > >  <target host="*.faxzero.com" />
>> >> >> > >  <rule from="^http://([^/:@\.]+)\.faxzero\.com/" to="https://$
>> >> >> > > 1.faxzero.com/"/>
>> >> >> > > </ruleset>
>> >> >> > >
>> >> >> > >
>> >> >> > > i.e. browsing to http://faxzero.com does nothing?
>> >> >> > >
>> >> >> > > What does "([^/:@\.]+)\" and "$1" do?
>> >> >> > >
>> >> >> > > Is there a way, to write in the same line, to redirect the main
>> >> >> > > domain
>> >> >> > > to https also? Or does the main domain rule, have to be in a new
>> >> >> > > line?
>> >> >> > > _______________________________________________
>> >> >> > > HTTPS-everywhere mailing list
>> >> >> > > HTTPS-everywhere at mail1.eff.org
>> >> >> > > https://mail1.eff.org/mailman/listinfo/https-everywhere
>> >> >> > >
>> >> >>
>> >> >> > _______________________________________________
>> >> >> > HTTPS-everywhere mailing list
>> >> >> > HTTPS-everywhere at mail1.eff.org
>> >> >> > https://mail1.eff.org/mailman/listinfo/https-everywhere
>> >> >>
>> >> >>
>> >> >> --
>> >> >> Peter Eckersley                            pde at eff.org
>> >> >> Technology Projects Director      Tel  +1 415 436 9333 x131
>> >> >> Electronic Frontier Foundation    Fax  +1 415 436 9993
>> >> >
>> >> >
>> >> _______________________________________________
>> >> HTTPS-everywhere mailing list
>> >> HTTPS-everywhere at mail1.eff.org
>> >> https://mail1.eff.org/mailman/listinfo/https-everywhere
>> >
>> >
>
>

More information about the HTTPS-everywhere mailing list