[HTTPS-Everywhere] Style for HTTPS Everywhere rules that cover a lot of domains
David Batley
httpseverywhere at dbatley.com
Mon Feb 21 17:18:43 PST 2011
I've updated the rule to use a catch-all expression and put it here (again):
http://dbatley.com/https/localgov/UKLocalGovernment.xml (the old
version is here:
http://dbatley.com/https/localgov/UKLocalGovernment-2011-02-19.xml )
Should I post that to the rules mailing list or is it ok here?
--dave
On 20 February 2011 08:46, Peter Eckersley <pde at eff.org> wrote:
> On Sun, Feb 20, 2011 at 03:17:23AM +0000, David Batley wrote:
>>
>> A catch-all rule is a bit trickier in this case, as there's a couple
>> of domains which use the "secure" subdomain for https (ie:
>> htttp://www.example.com to https://secure.example.com).
>>
>> If the order the rule statements are executed is guarenteed, it could do:
>> <!-- these need redirect to secure subdomain -->
>> <rule from="^http://www\.(domains-needing-redirect-to-secure)/"
>> to="https://secure.$1" />
>> <!-- everything else uses the same domain for https -->
>> <rule from="^http://www\.([^/]+)/" to="https://www.$1" />
>
> The order *should* be guaranteed. If it's not, that would be a subtle bug
> that we should let know about.
>
>>
>> This would remove the text-editor-melting-ly long line. I think the
>> code will apply these two in the correct order, although if that ever
>> changes then it could break things unexpectedly.
>
> We do need a test suite for HTTPS Everywhere. I think it could begin in the form
> of one of Firefox's mutli-tab bookmarks. Certainly, an order-dependent
> component of this ruleset would be a good tabe to include there.
>
> --
> Peter Eckersley pde at eff.org
> Senior Staff Technologist Tel +1 415 436 9333 x131
> Electronic Frontier Foundation Fax +1 415 436 9993
>
More information about the HTTPS-everywhere
mailing list