Opened 2 years ago

Last modified 14 months ago

#21690 assigned defect

Sta.sh ruleset is enabled but not DeviantArt, causing mixed content warnings

Reported by: cypherpunks Owned by: legind
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Normal Keywords: httpse-ruleset-bug
Cc: kobaj.g@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

If you visit an https stash page that is using generated deviant art thumbnails, the thumbnails will fail to load as mixed content.

EG the following renders correct: http://sta.sh/0127ggexeju2
The following fails to render in both firefox and chrome: https://sta.sh/0127ggexeju2

The https version looks like this: https://imgur.com/gC9Qias
Here is a paste of the errorcodes: http://pastebin.com/qjijAEbU

Sta.sh is enabled: https://www.eff.org/https-everywhere/atlas/domains/sta.sh.html
But not DA: https://www.eff.org/https-everywhere/atlas/domains/deviantart.com.html

The former should be disabled or the latter enabled

Child Tickets

Change History (1)

comment:1 Changed 14 months ago by teor

Owner: changed from jsha to legind
Status: newassigned

Make legind the owner of all HTTPS Everywhere tickets that were mistakenly assigned to jsha.
(See #26397.)

Note: See TracTickets for help on using tickets.