On Sun, 25 Jan 2026 at 12:05, Nick Owens <[email protected]> wrote:
> On Sun, Jan 25, 2026 at 7:19 AM Constantine A. Murenin > <[email protected]> wrote: > > > > > > P.S. BTW, it seems like the entire cvsweb.openbsd.org site is now on > eero's blacklist as of today — they now redirect it to > https://blocked.eero.com/?cat=advanced_security&reason=52&url=cvsweb.openbsd.org > — likely because of these games with redirecting to "malware" sites already > on the blacklist. > > > > C. > > thanks for mentioning this. i (eero employee) escalated this to > dnsfilter (3rd party provider) and i believe this should be fixed now > (for eero customers, and other dnsfilter customers as well, i think). > they had surprisingly quick turn around getting back to me. > For posterity, cvsweb was blocked for reason [52, "Phishing & Deception"], because it was redirecting requests to theannoyingsite dot com, which is blocked for reason [66, "Malware"]. More details and the prior thread: https://github.com/feross/TheAnnoyingSite.com http://www.mail-archive.com/[email protected]/msg196734.html http://www.mail-archive.com/[email protected]/msg196757.html It's back to redirecting to localhost now, which is hardly any better, because it's still breaking the browser's BACK button, and destroys the path and revision that you're supposed to see. C. % curl --head ' http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/multimedia/openwv/pkg/README?rev=1.1&ipk=K8Bn8w6mSMA6F3ekkYPcACkE0Nn4G729RUNolBYq_4M ' HTTP/1.1 301 Moved Permanently Connection: close Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; Content-Type: text/html Date: Sun, 25 Jan 2026 18:18:04 GMT Location: http://localhost/ Server: OpenBSD httpd Transfer-Encoding: chunked
