Conversation
Use Firefox's new upgradeToSecure flag instead of standard URI rewrites when applying simple rulesets. Should fix issue with CORS blocking certain HTTPS rewrites (#49).
|
Still need to work out the kinks in Chrome -- in the meantime, @Hainish do you have any other feedback? |
|
Warning: This browser detection code is licensed as "all rights reserved" and can't be used. |
|
See #15127. |
|
Oh thanks @epicminecrafting! Still new to the project, and that wouldn't have occurred to me. I'll take a closer look at your PR and try to merge it in. |
|
Hey @bcyphers - also, please make pull requests from your own HTTPS Everywhere repository. This is to keep the number of branches listed in the public repo relatively manageable. Thanks! |
|
I guess the browser detection code can be replaced with compile time boolean variable since all we need to know is that whether the browser support the upgradeToSecure property. Chromium and Firefox extensions uses different fIle extensions anyway. |
|
@cschanaj We would still need to detect the Firefox version. |
|
@epicminecrafting in the case it is known that the browser is Firefox, we could use |
@bcyphers and I chatted about this, and this is the solution we came up with as well. |
|
I've amended the pull request enough that I'm going to close this one and re-open it from a branch in my own repo. |
3 participants
Closes #49.
In Firefox, cross-origin resource sharing (CORS) requests that are approved for http urls are sometimes
blocked after being rewritten to https. Firefox has recently added a new option to webRequest.BlockingResponse, upgradeToSecure, which performs a simple http --> https rewrite. This branch tries to use that flag instead of a standard rewrite whenever (1) the rewrite is trivial and (2) the browser is Firefox 59+.
Can be tested on this website: http://shop.decatorevista.ro/
With the current version of the extension in Firefox, a few calls to maxcdn.bootstrapcdn.com will be blocked, breaking styles on the page. This branch allows them to be rewritten successfully.