Opened 6 years ago
Last modified 2 years ago
#10544 new defect
httpse-ruleset-bug - Bright Cove
Reported by: | nhraj700 | Owned by: | pde |
---|---|---|---|
Priority: | Medium | Milestone: | |
Component: | HTTPS Everywhere/EFF-HTTPS Everywhere | Version: | HTTPS-E 3.4.3 |
Severity: | Normal | Keywords: | |
Cc: | nhraj700@… | Actual Points: | |
Parent ID: | Points: | ||
Reviewer: | Sponsor: |
Description
httpse-ruleset-bug
On the RGJ.com website, they post videos. One ruleset prevents the videos from playing correctly. You get a black screen when the ruleset below is enabled.
The video is at the link below. I disabled the brightcove ruleset and it works correctly. XML source is below
<!--
go.brightcove.com is handled in Eloqua-clients.xml.
Other Brightcove rulesets:
- Zencoder.xml
CDN buckets:
- brightcove04.brightcove.com.edgesuite.net
- brightcove04
- brightcove04.o
- osab.vorpal.io
- opensource.brightcove.com
Nonfunctional domains:
- brightcove.com subdomains:
- feeds *
- forum
- goku (refused)
- investor *
- link
- brightcove04.o (503, Akamai)
- status *
- brightcove.vo.llnwd.net (400; CN: *.hs.llnwd.net, .hs. doesn't exist)
- Reset Refused * Dropped
Problematic domains:
- admin.brightcove.com (akamai)
- go.brightcove.com (works; mismatched, CN: secure.eloqua.com)
- opensource.brightcove.com (works; mismatched, CN: *.vorpal.io)
- services.brightcove.com (504, valid cert)
Partially covered subdomains:
- (www.) *
- blog *
- Some pages redirect to http
Fully covered subdomains:
- api
- read.appcloud
- write.appcloud
- developer
- docs
- videocloud
- brightcove.vo.llnwd.net/d21/unsecured/media/
- brightcove.vo.llnwd.net/d22/unsecured/media/
- brightcove.vo.llnwd.net/e1/pd
- brightcove01.brightcove.com/23/
- brightcove04.brightcove.com/4/ (Akamai; 404...but somethings there...outdated?)
- rainbow.brightcove.com.edgesuite.net
/101716/rtmp_pd
-->
<ruleset name="Brightcove (partial)">
<target host="*.brightcove.com" />
<exclusion pattern="http://(?:www\.)?brightcove\.com/(?!sites/|timetrade-iframe\.html)" />
<exclusion pattern="http://blog\.brightcove\.com/(?!sites/)" />
<!--
Videos fail to load.
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-July/001243.html
-->
<exclusion pattern="http://admin\.brightcove\.com/crossdomain\.xml" />
<!--
https://mail1.eff.org/pipermail/https-everywhere-rules/2013-May/001587.html
-->
<exclusion pattern="http://admin\.brightcove\.com/viewer/us20[\d\.]+/BrightcoveBootloader\.swf(?:\?|$)" />
<!--exclusion pattern="https?:c\.brightcove\.com/services/messagebroker/amf\?playerId=" /-->
<exclusion pattern="http://admin\.brightcove\.com/viewer/.+\.swf(?:\?|$)" />
<!--securecookie host="\.brightcove\.com$" name="(test|vorpal-signature|vorpal-user)$" /-->
<securecookie host="\w.*\.brightcove\.com$" name=".+" />
<rule from="http://c\.brightcove\.com/services/viewer/"
to="https://$1brightcove.com/" />
<!-- At least the homepage redirects to http.
-->
<rule from="http://support\.brightcove\.com/(en/contact$|sites/)"
<rule from="https?:s?admin\.brightcove\.com/"
to="https://sadmin.brightcove.com/" />
<rule from="http://services\.brightcove\.com/"
to="https://secure.brightcove.com/" />
</ruleset>
Set all open tickets without a severity to "Normal"