Opened 5 years ago

Closed 5 years ago

#7857 closed defect (fixed)

Amazon AWS breaks Epicmafia

Reported by: cypherpunks Owned by: MB
Priority: Medium Milestone: HTTPS-E 3.2.3
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version: HTTPS-E 3.1.2
Severity: Keywords: httpse-ruleset-bug
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When using Epicmafia, the icons for player types and hearts do not show up. (Create an account to see)

Child Tickets

Change History (7)

comment:1 Changed 5 years ago by mikeperry

Keywords: httpse-ruleset-bug added

comment:2 Changed 5 years ago by mikkoharhanen

I did some testing and here is what I found out:

EpicMafia.com without the rule set:
[OK] http://em.css.s3.amazonaws.com/style.css?2?1359734603
[OK] http://em.css.s3.amazonaws.com/images/logo.png
[OK] http://em.css.s3.amazonaws.com/images/facebook.png

EpicMafia.com with enabled rule set:
[OK] https://s3.amazonaws.com/em.css/style.css?2?1359734603
[403] https://s3.amazonaws.com/images/logo.png
[403] https://s3.amazonaws.com/images/facebook.png

Open image file without rule set:
[OK] http://em.css.s3.amazonaws.com/images/logo.png

Open image file rule set enabled:
[OK] https://s3.amazonaws.com/em.css/images/logo.png

I'm suspecting that style.css is the problem. EpicMafia uses CSS to show images. Here is a clip from style.css:

.roleimg {
  display: block;
  background: url("/images/roleimg.png") no-repeat scroll right top transparent;
  height: 20px;
  width: 20px;
}

The path to the image is /images/roleimg.png. This could be the culprit. When the CSS file's url is redirected to s3.amazonaws.com/em.css/, it tries to find the images from domain s3.amazonaws.com with the path /images/roleimg.png instead of /em.css/images/roleimg.png.

I suppose we need to exclude style.css?

comment:3 Changed 5 years ago by pde

Hey mikko,

Thanks for sleuthing on this. We should investigate to see whether you've in fact discovered what could be a whole category of CSS-related bugs.

comment:4 Changed 5 years ago by pde

Milestone: HTTPS-E 3.2.3

comment:5 Changed 5 years ago by MB

Owner: changed from pde to MB
Status: newaccepted

comment:6 Changed 5 years ago by MB

Status: acceptedassigned

Fixed in 92ff72d9.

comment:7 Changed 5 years ago by MB

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.