[tor-bugs] #10544 [EFF-HTTPS Everywhere]: httpse-ruleset-bug - Bright Cove
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jan 3 03:09:43 UTC 2014
#10544: httpse-ruleset-bug - Bright Cove
----------------------------------+-------------------------------
Reporter: nhraj700 | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version: HTTPS-E 3.4.3
Keywords: | Actual Points:
Parent ID: | Points:
----------------------------------+-------------------------------
httpse-ruleset-bug
On the RGJ.com website, they post videos. One ruleset prevents the videos
from playing correctly. You get a black screen when the ruleset below is
enabled.
The video is at the link below. I disabled the brightcove ruleset and it
works correctly. XML source is below
http://www.rgj.com/article/20140102/SPORTS06/301020026/Chris-Murray-West-s
-breakout-performance-has-Nevada-basketball-hopeful-MWC-watch-video-
<!--
go.brightcove.com is handled in Eloqua-clients.xml.
Other Brightcove rulesets:
- Zencoder.xml
CDN buckets:
- brightcove04.brightcove.com.edgesuite.net
- brightcove04
- brightcove04.o
- osab.vorpal.io
- opensource.brightcove.com
Nonfunctional domains:
- brightcove.com subdomains:
- feeds *
- forum **
- goku (refused)
- investor ***
- link
- brightcove04.o (503, Akamai)
- status *
- brightcove.vo.llnwd.net (400; CN: *.hs.llnwd.net,
.hs. doesn't exist)
* Reset
** Refused
*** Dropped
Problematic domains:
- admin.brightcove.com (akamai)
- go.brightcove.com (works; mismatched, CN:
secure.eloqua.com)
- opensource.brightcove.com (works; mismatched, CN:
*.vorpal.io)
- services.brightcove.com (504, valid cert)
Partially covered subdomains:
- (www.) *
- blog *
* Some pages redirect to http
Fully covered subdomains:
- api
- read.appcloud
- write.appcloud
- developer
- docs
- videocloud
- brightcove.vo.llnwd.net/d21/unsecured/media/
- brightcove.vo.llnwd.net/d22/unsecured/media/
- brightcove.vo.llnwd.net/e1/pd
- brightcove01.brightcove.com/23/
- brightcove04.brightcove.com/4/ (Akamai; 404...but
somethings there...outdated?)
- rainbow.brightcove.com.edgesuite.net
/101716/rtmp_pd
-->
<ruleset name="Brightcove (partial)">
<target host="*.brightcove.com" />
<exclusion
pattern="^http://(?:www\.)?brightcove\.com/(?!sites/|timetrade-
iframe\.html)" />
<exclusion
pattern="^http://blog\.brightcove\.com/(?!sites/)" />
<!--
Videos fail to load.
https://mail1.eff.org/pipermail/https-everywhere-
rules/2012-July/001243.html
-->
<exclusion
pattern="^http://admin\.brightcove\.com/crossdomain\.xml" />
<!--
https://mail1.eff.org/pipermail/https-everywhere-
rules/2013-May/001587.html
-->
<exclusion
pattern="^http://admin\.brightcove\.com/viewer/us20[\d\.]+/BrightcoveBootloader\.swf(?:\?|$)"
/>
<!--exclusion
pattern="^https?://c\.brightcove\.com/services/messagebroker/amf\?playerId="
/-->
<exclusion
pattern="^http://admin\.brightcove\.com/viewer/.+\.swf(?:\?|$)" />
<!--securecookie host="^\.brightcove\.com$" name="^(test|vorpal-
signature|vorpal-user)$" /-->
<securecookie host="^\w.*\.brightcove\.com$" name=".+" />
<rule from="^http://c\.brightcove\.com/services/viewer/"
to="https://secure.brightcove.com/services/viewer/" />
<rule
from="^http://((?:api|(?:read\.|write\.)?appcloud|blog|docs|files|img|metrics|my|register|secure|signin|videocloud|www)\.)?brightcove\.com/"
to="https://$1brightcove.com/" />
<!-- At least the homepage redirects to http.
-->
<rule from="^http://support\.brightcove\.com/(en/contact$|sites/)"
to="https://support.brightcove.com/$1" />
<rule from="^https?://s?admin\.brightcove\.com/"
to="https://sadmin.brightcove.com/" />
<rule from="^http://services\.brightcove\.com/"
to="https://secure.brightcove.com/" />
</ruleset>
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10544>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list