[HTTPS-Everywhere] What does "([^/:@\.]+)\" and "$1" do?

Andrew Sillers apsillers at gmail.com
Wed Aug 17 06:40:25 PDT 2011 

Looks like you need to add a forward slash to the end of your "to" string.
 I don't know why it doesn't match at all, though.  I just did a quick test
(just of the regular expression, not actually on Netflix) it it looks like
it should work.  See if adding the slash fixes both issues.


On Wed, Aug 17, 2011 at 9:36 AM, Victor Garin <vic.garin at gmail.com> wrote:

> Oh and the http only url still works with the below rule
>
> http://ca.movies.netflix.com/WiHome
>
> <ruleset name="NetflixAll">
>  <target host="netflix.com" />
>  <target host="*.netflix.com" />
>  <rule from="^http://(([^/:@\.]+\.)*)netflix\.com/"
> to="https://$1netflix.com" />
> </ruleset>
>
> On Wed, Aug 17, 2011 at 6:34 AM, Victor Garin <vic.garin at gmail.com> wrote:
> > So I was testing the new rule you suggested, to force unlimited
> > subdomains on Netflix (see "Add Netflix sub-sub domain support i.e.
> > ca.movies.netflix.com (Netflix Canada)" -
> >
> https://mail1.eff.org/pipermail/https-everywhere-rules/2011-July/000429.html
> > ):
> >
> > <ruleset name="NetflixAll">
> >  <target host="netflix.com" />
> >  <target host="*.netflix.com" />
> >  <rule from="^http://(([^/:@\.]+\.)*)netflix\.com/"
> > to="https://$1netflix.com" />
> > </ruleset>
> >
> > But then after logging in I get this url:
> >
> > https://movies.netflix.comwihome/
> >
> > I don't suppose you have a Netflix US or Canadian account to test this?
> >
> > On Wed, Aug 17, 2011 at 6:01 AM, Andrew Sillers <apsillers at gmail.com>
> wrote:
> >> Remove the first period in the "to" expression.
> >> Also, I just realized that when using the * to match unlimited
> subdomains,
> >> the backreference $1 will only yield the rightmost subdomain.  If you
> need
> >> unlimit subdomain matching, do:
> >> <rule from="^http://(([^/:@\.]+\.)*)faxzero\.com/"
> >> to="https://$1faxzero.com" />
> >> Just add an another set of parentheses around the sudomain expression
> and
> >> the star.
> >>
> >> On Wed, Aug 17, 2011 at 8:53 AM, Victor Garin <vic.garin at gmail.com>
> wrote:
> >>>
> >>> <rule from="^http://([^/:@\.]+\.)*faxzero\.com/"
> >>> to="https://$1.faxzero.com" />
> >>>
> >>> causes redirect to:
> >>>
> >>> https://.faxzero.com/
> >>>
> >>> But I don't want there to be a dot before the main domain if there is
> >>> no subdomain.
> >>>
> >>> =============
> >>>
> >>> >> What does "(www\.)?" do?
> >>> >
> >>> > This allows you to go to both google.com and www.google.com and
> either
> >>> > way
> >>> > find yourself at encrypted.google.com (which is HTTPS).
> >>> > The ? says that the preceding item should be matched 0 or 1 times.
> >>> >
> >>> >>
> >>> >> Removing the www from all the rulesets will still work right?
> >>> >>
> >>> > Not when you type in www.google.com
> >>> >>
> >>> >>
> >>>
> >>> So is there a way to write a rule that forces it on all subdomains, no
> >>> exceptions?
> >>>
> >>> A simple asterix * should be able to do the trick; so a rule written
> >>> in a simple form should look like this:
> >>>
> >>> <rule from="http://*faxzero.com/" to="https://*faxzero.com" />
> >>>
> >>> But I am sure it won't work. Can you explain why?
> >>>
> >>> On Wed, Aug 17, 2011 at 5:45 AM, Colonel Graff
> >>> <graffatcolmingov at gmail.com> wrote:
> >>> >
> >>> >
> >>> > On Wed, Aug 17, 2011 at 8:39 AM, Victor Garin <vic.garin at gmail.com>
> >>> > wrote:
> >>> >>
> >>> >> You mean like this:
> >>> >>
> >>> >> <ruleset name="FaxZero">
> >>> >>  <target host="faxzero.com" />
> >>> >>  <target host="*.faxzero.com" />
> >>> >>  <rule from="^http://([^/:@\.]+\.)*.faxzero\.com/"
> >>> >> to="https://$1.faxzero.com/"/>
> >>> >> </ruleset>
> >>> >>
> >>> > Try
> >>> > <rule from="^http://([^/:@\.]+\.)*faxzero\.com/"
> >>> > to="https://$1.faxzero.com"
> >>> > />
> >>> >>
> >>> >> The above rule still does not work.
> >>> >>
> >>> >> Also, now the green check box does show up in HTTPS Everywhere when
> I
> >>> >> go to faxzero.com.
> >>> >>
> >>> >> ---------------
> >>> >>
> >>> >> Also why do most of the rules have this: "(www\.)?"
> >>> >>
> >>> >> What does "(www\.)?" do?
> >>> >
> >>> > This allows you to go to both google.com and www.google.com and
> either
> >>> > way
> >>> > find yourself at encrypted.google.com (which is HTTPS).
> >>> > The ? says that the preceding item should be matched 0 or 1 times.
> >>> >
> >>> >>
> >>> >> Removing the www from all the rulesets will still work right?
> >>> >>
> >>> > Not when you type in www.google.com
> >>> >>
> >>> >>
> >>> >> On Tue, Aug 16, 2011 at 4:23 PM, Andrew Sillers <
> apsillers at gmail.com>
> >>> >> wrote:
> >>> >> > Whoops, my mistake -- thanks for the correction.  Also, it doesn't
> >>> >> > match
> >>> >> > unlimited subdomains, as I suggested earlier; it matches just one.
> >>> >> > To
> >>> >> > catch
> >>> >> > arbitrarily many subdomains in a hostname, using a "*" instead of
> a
> >>> >> > "?"
> >>> >> > should do the trick: ([^/:@\.]+\.)*
> >>> >> >
> >>> >> > Andrew
> >>> >> >
> >>> >> > On Tue, Aug 16, 2011 at 4:46 PM, Peter Eckersley <pde at eff.org>
> wrote:
> >>> >> >>
> >>> >> >> On Tue, Aug 16, 2011 at 04:38:45PM -0400, Andrew Sillers wrote:
> >>> >> >> > Victor,
> >>> >> >> >
> >>> >> >> > Try removing the "\." before "faxzero" and adding a question
> mark
> >>> >> >> > in
> >>> >> >> > its
> >>> >> >> > place: ([^/:@\.]+)?
> >>> >> >>
> >>> >> >> Don't remove the "\." -- instead put it inside the parentheses.
>  If
> >>> >> >> you
> >>> >> >> have a
> >>> >> >> subdomain, you want the dot.
> >>> >> >>
> >>> >> >> >
> >>> >> >> > Similarly, eliminate the "\." before "faxzero" in the "to" part
> of
> >>> >> >> > the
> >>> >> >> > rule.
> >>> >> >> >
> >>> >> >> > Right now, your rule requires something to precede the main
> >>> >> >> > domain;
> >>> >> >> > the
> >>> >> >> > question mark will make a subdomain optional.  (Specifically,
> >>> >> >> > ([^/:@\.]+)
> >>> >> >> > grabs all subdommains and excludes authentication credentials,
> >>> >> >> > which
> >>> >> >> > use
> >>> >> >> > "@"
> >>> >> >> > and ":".)
> >>> >> >> >
> >>> >> >> > The $1 is a regular expression backreference (
> >>> >> >> > http://www.regular-expressions.info/brackets.html), which is
> used
> >>> >> >> > to
> >>> >> >> > represent the first parenthesized clause in the "from" regex --
> in
> >>> >> >> > this
> >>> >> >> > case, all the subdomains, grabbed by ([^/:@\.]+).
> >>> >> >> >
> >>> >> >> > Andrew
> >>> >> >> >
> >>> >> >> > On Tue, Aug 16, 2011 at 4:19 PM, Victor Garin
> >>> >> >> > <vic.garin at gmail.com>
> >>> >> >> > wrote:
> >>> >> >> >
> >>> >> >> > > When I started, I used the below rule as an example, because
> it
> >>> >> >> > > used
> >>> >> >> > > to encrypt all the subdomains:
> >>> >> >> > >
> >>> >> >> > > <ruleset name="Netflix">
> >>> >> >> > >  <target host="netflix.com" />
> >>> >> >> > >  <target host="*.netflix.com" />
> >>> >> >> > >  <rule from="^http://([^/:@\.]+)\.netflix\.com/"
> to="https://$
> >>> >> >> > > 1.netflix.com/"/>
> >>> >> >> > > </ruleset>
> >>> >> >> > >
> >>> >> >> > > I assumed it also encrypted the main domain, but that doesn't
> >>> >> >> > > seem
> >>> >> >> > > to
> >>> >> >> > > be the case for example here:
> >>> >> >> > >
> >>> >> >> > > <ruleset name="FaxZero">
> >>> >> >> > >  <target host="faxzero.com" />
> >>> >> >> > >  <target host="*.faxzero.com" />
> >>> >> >> > >  <rule from="^http://([^/:@\.]+)\.faxzero\.com/"
> to="https://$
> >>> >> >> > > 1.faxzero.com/"/>
> >>> >> >> > > </ruleset>
> >>> >> >> > >
> >>> >> >> > >
> >>> >> >> > > i.e. browsing to http://faxzero.com does nothing?
> >>> >> >> > >
> >>> >> >> > > What does "([^/:@\.]+)\" and "$1" do?
> >>> >> >> > >
> >>> >> >> > > Is there a way, to write in the same line, to redirect the
> main
> >>> >> >> > > domain
> >>> >> >> > > to https also? Or does the main domain rule, have to be in a
> new
> >>> >> >> > > line?
> >>> >> >> > > _______________________________________________
> >>> >> >> > > HTTPS-everywhere mailing list
> >>> >> >> > > HTTPS-everywhere at mail1.eff.org
> >>> >> >> > > https://mail1.eff.org/mailman/listinfo/https-everywhere
> >>> >> >> > >
> >>> >> >>
> >>> >> >> > _______________________________________________
> >>> >> >> > HTTPS-everywhere mailing list
> >>> >> >> > HTTPS-everywhere at mail1.eff.org
> >>> >> >> > https://mail1.eff.org/mailman/listinfo/https-everywhere
> >>> >> >>
> >>> >> >>
> >>> >> >> --
> >>> >> >> Peter Eckersley                            pde at eff.org
> >>> >> >> Technology Projects Director      Tel  +1 415 436 9333 x131
> >>> >> >> Electronic Frontier Foundation    Fax  +1 415 436 9993
> >>> >> >
> >>> >> >
> >>> >> _______________________________________________
> >>> >> HTTPS-everywhere mailing list
> >>> >> HTTPS-everywhere at mail1.eff.org
> >>> >> https://mail1.eff.org/mailman/listinfo/https-everywhere
> >>> >
> >>> >
> >>
> >>
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20110817/e8af5a77/attachment.html>

More information about the HTTPS-everywhere mailing list