Opened 4 years ago

Last modified 9 days ago

#10544 new defect

httpse-ruleset-bug - Bright Cove

Reported by: nhraj700 Owned by: pde
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version: HTTPS-E 3.4.3
Severity: Normal Keywords:
Cc: nhraj700@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

httpse-ruleset-bug

On the RGJ.com website, they post videos. One ruleset prevents the videos from playing correctly. You get a black screen when the ruleset below is enabled.

The video is at the link below. I disabled the brightcove ruleset and it works correctly. XML source is below

http://www.rgj.com/article/20140102/SPORTS06/301020026/Chris-Murray-West-s-breakout-performance-has-Nevada-basketball-hopeful-MWC-watch-video-

<!--

go.brightcove.com is handled in Eloqua-clients.xml.

Other Brightcove rulesets:

  • Zencoder.xml

CDN buckets:

  • brightcove04.brightcove.com.edgesuite.net
  • brightcove04
  • brightcove04.o
  • osab.vorpal.io
  • opensource.brightcove.com

Nonfunctional domains:

  • brightcove.com subdomains:
  • feeds *
  • forum
  • goku (refused)
  • investor *
  • link
  • brightcove04.o (503, Akamai)
  • status *
  • brightcove.vo.llnwd.net (400; CN: *.hs.llnwd.net, .hs. doesn't exist)
  • Reset Refused * Dropped

Problematic domains:

  • admin.brightcove.com (akamai)
  • go.brightcove.com (works; mismatched, CN: secure.eloqua.com)
  • opensource.brightcove.com (works; mismatched, CN: *.vorpal.io)
  • services.brightcove.com (504, valid cert)

Partially covered subdomains:

  • (www.) *
  • blog *
  • Some pages redirect to http

Fully covered subdomains:

  • api
  • read.appcloud
  • write.appcloud
  • developer
  • docs
  • videocloud
  • brightcove.vo.llnwd.net/d21/unsecured/media/
  • brightcove.vo.llnwd.net/d22/unsecured/media/
  • brightcove.vo.llnwd.net/e1/pd
  • brightcove01.brightcove.com/23/
  • brightcove04.brightcove.com/4/ (Akamai; 404...but somethings there...outdated?)
  • rainbow.brightcove.com.edgesuite.net

/101716/rtmp_pd

-->
<ruleset name="Brightcove (partial)">

<target host="*.brightcove.com" />

<exclusion pattern="http://(?:www\.)?brightcove\.com/(?!sites/|timetrade-iframe\.html)" />
<exclusion pattern="
http://blog\.brightcove\.com/(?!sites/)" />
<!--

Videos fail to load.

https://mail1.eff.org/pipermail/https-everywhere-rules/2012-July/001243.html

-->

<exclusion pattern="http://admin\.brightcove\.com/crossdomain\.xml" />
<!--

https://mail1.eff.org/pipermail/https-everywhere-rules/2013-May/001587.html

-->

<exclusion pattern="http://admin\.brightcove\.com/viewer/us20[\d\.]+/BrightcoveBootloader\.swf(?:\?|$)" />
<!--exclusion pattern="
https?:c\.brightcove\.com/services/messagebroker/amf\?playerId=" /-->
<exclusion pattern="http://admin\.brightcove\.com/viewer/.+\.swf(?:\?|$)" />

<!--securecookie host="\.brightcove\.com$" name="(test|vorpal-signature|vorpal-user)$" /-->
<securecookie host="\w.*\.brightcove\.com$" name=".+" />

<rule from="http://c\.brightcove\.com/services/viewer/"

to="https://secure.brightcove.com/services/viewer/" />

<rule from="http://((?:api|(?:read\.|write\.)?appcloud|blog|docs|files|img|metrics|my|register|secure|signin|videocloud|www)\.)?brightcove\.com/"

to="https://$1brightcove.com/" />

<!-- At least the homepage redirects to http.

-->

<rule from="http://support\.brightcove\.com/(en/contact$|sites/)"

to="https://support.brightcove.com/$1" />

<rule from="https?:s?admin\.brightcove\.com/"

to="https://sadmin.brightcove.com/" />

<rule from="http://services\.brightcove\.com/"

to="https://secure.brightcove.com/" />

</ruleset>

Child Tickets

Change History (1)

comment:1 Changed 9 days ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.