1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
Description: Update Debian rules
Bug-Debian: https://bugs.debian.org/757234
Author: Paul Wise <pabs@debian.org>
Iceweasel ships with the needed certificate authorities for self-signed rules
to be enabled by default.
diff --git a/src/chrome/content/rules/Debian-self-signed.xml b/src/chrome/content/rules/Debian-self-signed.xml
new file mode 100644
index 0000000..2d6cb0e
--- /dev/null
+++ b/src/chrome/content/rules/Debian-self-signed.xml
@@ -0,0 +1,28 @@
+<!--
+ For rules that are on by default, see Debian.xml.
+
+
+ Fully covered domains:
+
+ - mentors.debian.net
+ - paste.debian.net
+
+-->
+<ruleset name="Debian (self-signed)">
+
+ <target host="*.debian.net" />
+ <!--exclusion pattern="^http://screenshots\.debian\.net/" /-->
+ <!--
+ Nonfunctional:
+ -->
+ <!--exclusion pattern="^http://(ca|incoming|popcon|search)\.debian\.org/" /-->
+ <!--
+ Handled in Debian.xml:
+ -->
+ <!--exclusion pattern="^http://((?:anonscm|(?:[^/:@]+\.)?alioth|arch|bits|bugs(?:-master)?|buildd|bzr|contributors|cvs|darcs|db|dsa|ftp-master|git|hg|lintian|lists|munin|nagios|nm|openstack\.bm|packages|people|piuparts|puppet-dashboard|(?:packages\.)?qa|release|rt|rtc|security-(?:tracker|master)|sip-ws|sso|svn|tracker|udd|vote|wiki|www)\.)?debian\.org/" /-->
+
+
+ <rule from="^http://(mentors|paste)\.debian\.net/"
+ to="https://$1.debian.net/" />
+
+</ruleset>
diff --git a/src/chrome/content/rules/Debian.xml b/src/chrome/content/rules/Debian.xml
index 154a8fd..bce5d60 100644
--- a/src/chrome/content/rules/Debian.xml
+++ b/src/chrome/content/rules/Debian.xml
@@ -9,24 +9,14 @@
Nonfunctional domains:
- - screenshots.debian.net ¹
-
- debian.org subdomains:
- - anonscm ²
- ca (shows db; mismatched, CN: db.debian.org)
- - cvs ²
- incoming (shows ftp-master; mismatched, CN: ftp-master.debian.org)
- - people (reset; people.debian.org/~joerg/ is displayed
- after fetching gpg.ganneff.de over http...)
- popcon ¹
- - qa ¹
- - packages.qa ¹
- search (shows www; mismatched, CN: debian.org)
- - svn ²
¹ Refused
- ² Shows alioth; mismatched, CN: alioth.debian.org
Problematic domains:
@@ -36,12 +26,9 @@
- debian.org subdomains:
- - alioth ¹
- - lists.alioth ²
- cdimage (refused)
¹ Works, self-signed
- ² Works, self-signed, mismatched, CN: alioth.debian.org
Partially covered domains:
@@ -60,6 +47,7 @@
- nagios
- nm
- wiki
+ - ...
altnames that don't exist:
@@ -89,7 +77,7 @@
<securecookie host="^nm\.debian\.org$" name=".+" />
- <rule from="^http://((?:bugs|buildd|contributors|db|dsa|ftp-master|lists|munin|nagios|nm|packages|piuparts|release|rt|security-tracker|sso|udd|vote|wiki|www)\.)?debian\.org/"
+ <rule from="^http://((?:anonscm|(?:[^/:@]+\.)?alioth|arch|bits|bugs(?:-master)?|buildd|bzr|contributors|cvs|darcs|db|dsa|ftp-master|git|hg|lintian|lists|munin|nagios|nm|openstack\.bm|packages|people|piuparts|puppet-dashboard|(?:packages\.)?qa|release|rt|rtc|security-(?:tracker|master)|sip-ws|sso|svn|tracker|udd|vote|wiki|www)\.)?debian\.org/"
to="https://$1debian.org/" />
<rule from="^http://(france|screenshots)\.debian\.net/"
|
