[HTTPS-Everywhere] Release 2.2 for Firefox seems to ignore default_off

Peter Eckersley pde at eff.org
Fri Aug 17 12:47:39 PDT 2012 

The problem is the call to the Ruleset constructor in that patch.  It has an
extra parameter, xmlruleset.getAttribute("f"), which isn't expected.

Seth, can you look to see whether you intended to do something else with that
parameter, or whether we should just pull it out?

(I also thing this bug is Very Serious, but it's only going to affect freshly
installing users that didn't have an earlier version of HTTPS Everywhere.
Accordingly, I've switched the "install" button on the page to install 2.1
again).

On Fri, Aug 17, 2012 at 12:35:19PM -0700, Peter Eckersley wrote:
> Actually, this is less urgent than I thought (the default_off field is still
> functioning, it just isn't being displayed properly in the config window).
> 
> It's most likely that this was caused by this commit:
> 
> https://gitweb.torproject.org/https-everywhere.git/commitdiff/a1d02f16794ed4d593863e5921b4b05c93badf27
> 
> 
> On Fri, Aug 17, 2012 at 12:28:15PM -0700, Peter Eckersley wrote:
> > Argh, it looks like you're right.  We'll push a fix ASAP.
> > 
> > On Fri, Aug 17, 2012 at 11:30:15AM -0700, Christopher Liu wrote:
> > > To whom it may concern:
> > > 
> > > The 2.2 release of HTTPS Everywhere for Firefox does not appear to
> > > honor the default_off field in rulesets (either built-in or user).
> > > I noticed the problem when I went to the configuration window to check
> > > on the rulesets that were noted as broken, and I saw that they had not
> > > been disabled as they should have been.
> > > 
> > > In this screenshot, observe that the 33Bits and 4Shared rulesets do
> > > not show their default_off message (they are disabled because they had
> > > been disabled previously).
> > > 
> > > http://img341.imageshack.us/img341/6262/he22defaultoffbroken1.png
> > > 
> > > The configuration window seems instead to show the value of match_rule
> > > in the notes column. The following screenshot shows this for Stevens.
> > > Indymedia has the same symptom.
> > > 
> > > http://img140.imageshack.us/img140/5236/he22defaultoffbroken2.png
> > > 
> > > I've verified that Error Console shows no name conflicts / parsing
> > > failures for my user rulesets, nor any other error obviously caused by
> > > HTTPS Everywhere. I looked in the default.rulesets file and saw that
> > > the default_off fields were present.
> > > I am using Firefox 14.0.1 for Windows, and HTTPS Everywhere was
> > > updated from version 2.1. The problem did not occur in any previous
> > > version.
> > > 
> > > If you are unable to reproduce this, please explain where I should
> > > begin troubleshooting. Thank you for your time and help.
> > > 
> > > C. Liu
> > > 
> > > P.S. Expect me to send at least one email to the
> > > https-everywhere-rules list within the next couple days ... I know
> > > we're all in a hurry now that 3.0 is coming soon ...
> > > 
> > > _______________________________________________
> > > HTTPS-everywhere mailing list
> > > HTTPS-everywhere at mail1.eff.org
> > > https://mail1.eff.org/mailman/listinfo/https-everywhere
> > 
> > -- 
> > Peter Eckersley                            pde at eff.org
> > Technology Projects Director      Tel  +1 415 436 9333 x131
> > Electronic Frontier Foundation    Fax  +1 415 436 9993
> 
> -- 
> Peter Eckersley                            pde at eff.org
> Technology Projects Director      Tel  +1 415 436 9333 x131
> Electronic Frontier Foundation    Fax  +1 415 436 9993

-- 
Peter Eckersley                            pde at eff.org
Technology Projects Director      Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993

More information about the HTTPS-everywhere mailing list