Opened 8 years ago

Closed 7 years ago

#7540 closed defect (fixed)

Breaks certain links and forms at SnapNames

Reported by: subsection1t Owned by: pde
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Keywords:
Cc: MB, admin@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

  1. User opens the shopping cart at SnapNames: https://www.snapnames.com/exposedSwitch.do?view=shoppingCart
  2. User clicks the "Continue Shopping" link.
  3. User is directed to 404 page.

Child Tickets

Change History (1)

comment:1 Changed 7 years ago by pde

Cc: MB admin@… added
Resolution: fixed
Status: newclosed

I think this is a securecookie bug. Which is weird, because moniker.snapnames.com is being successfully rewritten from HTTP to HTTPS. This is probably evidence of a security vulernability in the snapnames site.

Anyway, we're going to disable the securecookie directives in the next release of HTTPS Everywhere.

Note: See TracTickets for help on using tickets.