[HTTPS-Everywhere] Part of website broken?
Peter Eckersley
pde at eff.org
Wed Oct 19 11:42:07 PDT 2011
This is a nasty bug. It appears to have been triggered by the
nsIContentPolicy disablement, but is fixed by Giorgio Maone's
ChannelReplacement patch, which I just committed to master.
I'm going to work on new dev and stable releases today to get these fixes out to
people.
On Wed, Oct 19, 2011 at 07:41:28AM -0400, David Waltz wrote:
> Hi,
>
> I hope this is where I should mention this possibility.
>
> The website is: www.united.com
>
> I'm using Firefox 7.01. Everything else on my computer has the
> latest updates.
>
> With the rules for United Airlines in HTTPS Everywhere 1.0.3
> enabled, when I go to that page, I can't select any menus or input
> anything, to look for a flight, or logon to my account, for example.
>
> I have the Calomel SSL Validation add-on. It gives a message "This
> connection is either partially encrypted or completely broken. Do
> not trust this SSL connection."
>
> The page appears to act as if I had javascript disabled.
>
> I have the NoScript add-on. It is set to allow united.com.
>
> I just noticed this problem in the last few days.
>
> If I disable the rules for United Airlines in HTTPS Everywhere, the
> page works "normally", I suppose because then it isn't encrypted.
>
> This may be a United website problem, but I don't know what to say
> to them about it.
>
> I hope this information might help.
>
> David
> _______________________________________________
> HTTPS-everywhere mailing list
> HTTPS-everywhere at mail1.eff.org
> https://mail1.eff.org/mailman/listinfo/https-everywhere
--
Peter Eckersley pde at eff.org
Technology Projects Director Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
More information about the HTTPS-everywhere
mailing list