[tor-bugs] #5036 [EFF-HTTPS Everywhere]: Google "sorry" captcha now supports HTTPS
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Feb 7 01:59:55 UTC 2012
#5036: Google "sorry" captcha now supports HTTPS
----------------------------------+-----------------------------------------
Reporter: ugh | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Good news! It is now possible to do the Google captcha over HTTPS, but
only through https://sorry.google.com/sorry/...
If you try instead https://www.google.com/sorry/... it will just redirect
you to the Google homepage right away.
Another issue is that the "continue" GET variable, which holds the URL for
redirection, will default to HTTP even if the original search was through
HTTPS, so it will have to be rewritten, too.
I tried the following (rough) ruleset as a proof of concept, but for some
reason it doesn't seem to do anything here (which may be a problem with my
installation):
{{{
<ruleset name="GoogleSorry">
<target host="www.google.com" />
<rule from="^http://www\.google\.com/sorry/\?continue=http"
to="https://sorry.google.com/sorry/\?continue=https" />
</ruleset>
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5036>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list