[HTTPS-Everywhere] 0.9.2 bug with dev.twitter.com
Peter Eckersley
pde at eff.org
Wed Jan 19 11:06:59 PST 2011
How annoying. This is an effect of the <securecookie> flag in the main
Twitter.com rule, but we can't turn that off without making all Twitter users
vulnerable to Firesheep and similar attacks again.
On Sun, Jan 16, 2011 at 08:47:44PM +0700, Ake K. wrote:
> cannot login with http://dev.twitter.com/. dev.twitter.com doesn't support
> https.
--
Peter Eckersley pde at eff.org
Senior Staff Technologist Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
More information about the HTTPS-everywhere
mailing list