[tor-bugs] #11599 [HTTPS Everywhere: Chrome]: Ning.com rule causes missing images in hosted websites
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 24 23:32:13 UTC 2014
#11599: Ning.com rule causes missing images in hosted websites
-------------------------------------+-------------------------------------
Reporter: cypherpunks | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone: HTTPS-E 3.5
Component: HTTPS Everywhere: | Version: HTTPS-E chrome
Chrome | 2013.10.16
Keywords: httpse-ruleset-bug | Actual Points:
Parent ID: | Points:
-------------------------------------+-------------------------------------
The HTTPS Everywhere rule for ning.com (partial) causes images to be
missing from ning-hosted websites, e.g. DiyDrones.com .
Note: The actual version is HTTPS-E chrome 2014.4.16 .
Defect is due to an invalid certificate on Ning's CDN.
This is the communication I had with Ning:
Apr 22 12:46 PM
The SSL certificate for https://origin-api.ning.com is invalid. It does
not match the URL, it is expired, and it does not have a valid CA.
The certificate for https://www.ning.com is valid and would also work for
origin-api.ning.com. You should install it to all your servers.
Aaron (Ning Help Center)
Apr 23 05:20 PM
Hi there,
Thanks for your question! We don't support SSL on that URL. That serves up
our images via our CDN, which is also not currently set up for SSL.
Best,
Aaron
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11599>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list