The last point I raised – mixed content blocking – deserves more attention.
The answer currently says, in part: > although Chrome version 18+ has some built-in protections against insecure > scripts in pages, and HTTPS Everywhere for Chrome will in fact trigger > these on a site like the New York Times > By default, it won’t, because the NYTimes ruleset is: 1. disabled by default, using default_off; and 2. labelled mixedcontent. 1. default_off If I enable it, then it does activate the mixed content blocker on … http://www.nytimes.com/2014/01/16/world/americas/a-quandary-for-mexico-as-vigilantes-rise.html … in spite of the redirect loop [1]. (disclaimer: tested on Firefox, as I don’t have Chrome installed) 2. mixedcontent If it’s labelled mixedcontent, then it can never trigger the mixed content blocker, right? Also see another thread, where I ask about labelling rulesets mixedcontent [2]. [1] https://lists.eff.org/pipermail/https-everywhere-rules/2014-January/001834.html [2] https://lists.eff.org/pipermail/https-everywhere-rules/2014-January/001835.html -- Brian Drake All content created by me: Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>© 2014 Brian Drake. All rights reserved. On Mon, Jan 13, 2014 at 1003 (UTC), Drake, Brian <[email protected]>wrote: > Regarding this HTTPS Everywhere FAQ section: “Q. What's the meaning of the > broken padlock icon at the bottom of the browser, or the warning that a > site contains "insecure information" or "unauthenticated content"?” > > Anyone who’s used Firefox recently should see straight away that there are > some big problems with this answer, particularly the bold text at the end. > The “blue tint” has been replaced by a simple padlock, the “green tint” has > been replaced by green text on a white background, and mixed content > blocking has been introduced, though not mentioned in this answer. > > -- > Brian Drake > > All content created by me: > Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>© 2014 > Brian Drake. All rights reserved. >
_______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
