[HTTPS-Everywhere] Using the rules in a proxy?
Dave Warren
davew at hireahit.com
Wed Jul 15 15:23:48 PDT 2015
On 2015-07-08 08:16, Martin Mulazzani wrote:
> Anyone ever tried to use the HTTPS Everywhere ruleset in a proxy? I'm
> aware of https://github.com/apg/heproxy but I'm missing a general
> discussion on reusability of the rules.
> <...>
> I'm thinking of a transparent proxy that redirects users e.g. using 302
> responses from port 80 to 443, using something like Privoxy or nginx. Is
> it worthwile to pursue (I think definitely, but would value your
> feedback). What are the hurdles?
Given the amount of breakage that HTTPS Everywhere causes, I'd be a
little nervous about this type of deployment in any sort of production
environment.
Doing it at the browser works well due to the ease of disabling rules,
but I can't think of a way to trivially bypass broken rules if this were
implemented at the proxy level.
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
More information about the HTTPS-Everywhere
mailing list