Opened 6 years ago

Closed 6 years ago

#7135 closed defect (fixed)

https everywhere breaks bahncard.bahn.de

Reported by: hanno Owned by: MB
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In the newsletters from "Deutsche Bahn" (german railway company), they use links like this:
http://bahncard.bahn.de/cgi-bin9/DM/t/mBwo0vAbY04S0BOtj0Fy

These are only forwarding URLs.

However, https everywhere changes them to https. But this domain does not have a valid ssl certificate configured.

It seems https everywhere redirects all subdomains *.bahn.de to https. This works for www.bahn.de and also reiseauskunft.bahn.de (the two most common ones probably), but it seems not for others. It should restrict the forwarding rules to specific subdomains that definitely work with https.

Child Tickets

Change History (2)

comment:1 Changed 6 years ago by pde

Component: HTTPS Everywhere: ChromeEFF-HTTPS Everywhere
Owner: changed from pde to MB
Status: newassigned

comment:2 Changed 6 years ago by pde

Resolution: fixed
Status: assignedclosed

Fixed in git + soon in 3.0.3

Note: See TracTickets for help on using tickets.