[tor-bugs] #9467 [EFF-HTTPS Everywhere]: Imgur: unresolved redirect loops
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Aug 12 23:11:21 UTC 2013
#9467: Imgur: unresolved redirect loops
----------------------------------+-----------------------------------------
Reporter: micahlee | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Reported on https-everywhere-rules:
To whom it may concern:
https://gitweb.torproject.org/https-
everywhere.git/commitdiff/364a9298e3c400b2702b3d04b406a84d98f6ccb2
attempted to enable coverage for all of (www.)imgur.com, but there are
still many pages redirecting to http.
It appears that the previous exclusions were never quite complete.
The homepage is the only thing that ever _stopped_ redirecting to
http, as far as I could notice. It later resumed redirecting (see
https://bugzilla.mozilla.org/show_bug.cgi?id=866986#c7 ).
These paths redirect to http:
- random$
- gallery/ (this includes image pages as well as a XHR made by the
homepage's infinite scroll feature)
- a/[imageID]/embed
- help$
- tos$
- removalrequest$
- apps$
These paths don't:
- register$
- register/upgrade$
- signin$
- images/
- include/
- min/
Everything appears to be ok if we limit the coverage of (www.)imgur.com
to:
<rule
from="^http://(www\.)?imgur\.com/(images|include|min|register|signin)(/|\?|$)"
to="https://$1imgur.com/$2$3"/>
There is a bit of coverage we could add, though: store.imgur.com =
imgur-store.myshopify.com
I haven't yet tested with an account.
(This message doesn't strictly apply to the 3.x stable branch, because
the Imgur ruleset is disabled there, though the exclusions are
incomplete as explained.)
C. Liu
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9467>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list