On 2015-07-08 08:16, Martin Mulazzani wrote:
Anyone ever tried to use the HTTPS Everywhere ruleset in a proxy? I'm aware of https://github.com/apg/heproxy but I'm missing a general discussion on reusability of the rules. <...> I'm thinking of a transparent proxy that redirects users e.g. using 302 responses from port 80 to 443, using something like Privoxy or nginx. Is it worthwile to pursue (I think definitely, but would value your feedback). What are the hurdles?
Given the amount of breakage that HTTPS Everywhere causes, I'd be a little nervous about this type of deployment in any sort of production environment.
Doing it at the browser works well due to the ease of disabling rules, but I can't think of a way to trivially bypass broken rules if this were implemented at the proxy level.
-- Dave Warren http://www.hireahit.com/ http://ca.linkedin.com/in/davejwarren _______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
