[HTTPS-Everywhere] Style for HTTPS Everywhere rules that cover a lot of domains
Peter Eckersley
pde at eff.org
Sun Feb 20 00:46:36 PST 2011
On Sun, Feb 20, 2011 at 03:17:23AM +0000, David Batley wrote:
>
> A catch-all rule is a bit trickier in this case, as there's a couple
> of domains which use the "secure" subdomain for https (ie:
> htttp://www.example.com to https://secure.example.com).
>
> If the order the rule statements are executed is guarenteed, it could do:
> <!-- these need redirect to secure subdomain -->
> <rule from="^http://www\.(domains-needing-redirect-to-secure)/"
> to="https://secure.$1" />
> <!-- everything else uses the same domain for https -->
> <rule from="^http://www\.([^/]+)/" to="https://www.$1" />
The order *should* be guaranteed. If it's not, that would be a subtle bug
that we should let know about.
>
> This would remove the text-editor-melting-ly long line. I think the
> code will apply these two in the correct order, although if that ever
> changes then it could break things unexpectedly.
We do need a test suite for HTTPS Everywhere. I think it could begin in the form
of one of Firefox's mutli-tab bookmarks. Certainly, an order-dependent
component of this ruleset would be a good tabe to include there.
--
Peter Eckersley pde at eff.org
Senior Staff Technologist Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
More information about the HTTPS-everywhere
mailing list