Opened 6 years ago

Last modified 3 years ago

#13832 new defect

HTTPS Everywhere breaks PayPal checkout process

Reported by: jonlef Owned by: zyan
Priority: High Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Normal Keywords: httpse-ruleset-bug
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


For, ordering with HTTPS Everywhere in the PayPal portion of the checkout breaks the site by rewriting https connection to

The issue has been spotted on Firefox 33.1, Windows 7 - 64 bit.

Please, the rule ( on should be modified to not redirect to anymore.

Thank you

Child Tickets

Change History (4)

comment:1 Changed 6 years ago by jsha

I'll work on fixing the rule, thanks for letting us know!

I notice that the site currently redirects httpS:// to Any chance I can convince you to disable that redirect, so users who want to browse your site securely can do so?


comment:2 Changed 6 years ago by jonlef

Hi Jacob,

Thank you for your help. The site already redirects to https in all areas exchanging user information and payment information. About using only https, I take note of the suggestion and we will review it.

Thanks again,


comment:3 Changed 6 years ago by jsha

Thanks Jon! The pull request fixing this is at It will be included in our next stable release.

As you're probably aware, we strongly believe that all sites should use HTTPS at all times, to protect not only credit card information but also web browsing activity. It's no longer a performance impact on the server side, and the performance change on the client side is negligible, or even an improvement if you use SPDY (which depends on HTTPS).

comment:4 Changed 3 years ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.