Opened 8 years ago

Closed 8 years ago

#7931 closed defect (fixed) broken

Reported by: hanno Owned by: pde
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


This url:

gets forwarded to this:

However, that doesn't exist. Probably the rule for * should be limited to and (and maybe others that work).

(P.S.: This is not the first time I see this - it seems you are too often making rules for *.domainname without checking if there are subdomains that don't support https. In doubt, I'd prefer limiting to rules that definitely work)

Child Tickets

Change History (1)

comment:1 Changed 8 years ago by pde

Resolution: fixed
Status: newclosed

I agree that rulesets written like this are dangerous. Unfortunately there's no well-defined method for enumerating subdomains out of DNS (we could try to make zone transfer requests but they're often blocked). Perhaps #7075 will help to mitigate this problem.

Anyway, here's the fix for this rule:

Note: See TracTickets for help on using tickets.