Opened 3 years ago

Last modified 12 months ago

#20099 assigned defect

cmu.edu filter silently breaks some forms

Reported by: cypherpunks Owned by: legind
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Normal Keywords: httpse-ruleset-bug
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

This bug is filed against the production version of https://www.eff.org/https-everywhere/atlas/domains/cmu.edu-2.html

HTTPS Everywhere silently breaks pages within the http://www.cmu.edu/graduate/professional-development/ directory, because these pages embed HTTP forms that are available in HTTPS format (by changing http://cmu.savvior.com/... to https://savvior.com/cmu/... in form URLs) but the secure versions are not currently active. The workaround is to use HTTP only for browsing that portion of cmu.edu, but the rule (when enabled) silently prevents that.

Child Tickets

Change History (3)

comment:1 Changed 3 years ago by cypherpunks

An alternative workaround for individual users is to enable display of interactive mixed content, but there's very little indication to users that this is what they "should" do. -OP

Last edited 3 years ago by cypherpunks (previous) (diff)

comment:2 Changed 3 years ago by cypherpunks

Keywords: httpse-ruleset-bug added

comment:3 Changed 12 months ago by cypherpunks

Component: HTTPS EverywhereHTTPS Everywhere/EFF-HTTPS Everywhere
Owner: set to legind
Status: newassigned
Note: See TracTickets for help on using tickets.