|
8 | 8 |
|
9 | 9 | - bbs.seller ¹ |
10 | 10 | - escrow |
| 11 | + - m.fulfillment ² |
11 | 12 |
|
12 | 13 | ¹ Dropped |
| 14 | + ² Invalid certificate |
13 | 15 |
|
14 | 16 |
|
15 | 17 | Problematic hosts in *aliexpress.com: |
16 | 18 |
|
| 19 | + - $self ˣ |
| 20 | + - www ˣ |
17 | 21 | - activities ˣ |
18 | | - - gw.api ˣ |
19 | | - - brands ᵐ |
20 | | - - s.click ᵐ |
21 | | - - collections ˣ |
22 | 22 | - daxue ˣ |
23 | | - - es ᵐ ˣ |
24 | 23 | - fulfillment ˣ |
25 | | - - fuwu ˣ |
26 | | - - gaga ˣ |
27 | | - - group ˣ |
28 | | - - he ᵐ |
29 | | - - hz ˣ |
30 | | - - id ˣ |
31 | | - - ja ᵐ |
32 | | - - m ᵐ |
33 | | - - mai ˣ |
34 | 24 | - open ˣ |
35 | | - - page ˣ |
36 | | - - pt ᵐ |
37 | | - - ru ᵐ ˣ |
38 | | - - sale ᵐ ˣ |
39 | 25 | - seller ˣ |
40 | | - - superdeals ˣ |
41 | 26 |
|
42 | | - ᵐ Mismatched |
43 | | - ˣ Mixed css, see https://www.paulirish.com/2010/the-protocol-relative-url/ |
| 27 | + ˣ Active mixed content, see https://www.paulirish.com/2010/the-protocol-relative-url/ |
44 | 28 |
|
45 | 29 |
|
46 | 30 | Insecure cookies are set for these domains and hosts: ᶜ |
47 | 31 |
|
48 | 32 | - .aliexpress.com |
| 33 | + - www.aliexpress.com |
49 | 34 | - best.aliexpress.com |
50 | 35 | - coupon.aliexpress.com |
51 | 36 | - group.aliexpress.com |
52 | 37 | - my.aliexpress.com |
53 | 38 | - promotion.aliexpress.com |
54 | 39 | - shoppingcart.aliexpress.com |
55 | 40 | - university.aliexpress.com |
56 | | - - www.aliexpress.com |
57 | 41 | - (locale_vhost).aliexpress.com |
58 | 42 |
|
59 | 43 | ᶜ See https://owasp.org/index.php/SecureFlag |
|
65 | 49 |
|
66 | 50 | - css, on: |
67 | 51 |
|
68 | | - - activities, collections, daxue, es, fuwu, gaga, group, hz, id, it, mai, open, page, pl, superdeals, th from style.aliunicorn.com ˢ |
| 52 | + - www from style.aliunicorn.com |
| 53 | + - activities, daxue, open, th from style.aliunicorn.com ˢ |
69 | 54 | - fulfillment from style.alibaba.com ˢ |
70 | | - - gw.api from style.c.aliimg.com ˢ |
71 | | - - mai img.alibaba.com ˢ |
| 55 | + - seller from style.alibaba.com |
72 | 56 | - sale from i0\d.i.aliimg.com ˢ |
73 | 57 |
|
| 58 | + - js, on: |
| 59 | +
|
| 60 | + - seller from style.alibaba.com |
| 61 | + - www, seller from style.aliexpress.com |
| 62 | + - www, open from style.aliunicorn.com |
| 63 | +
|
74 | 64 | - Images, on: |
75 | 65 |
|
76 | | - - activities, gw.api, ar, de, es, group, he, id, ja, ko, mai, nl, pl, pt, ru, tr, vi from img.alibaba.com ˢ |
77 | | - - activities, fulfillment, gaga, seller from i0\d.i.aliimg.com ˢ |
| 66 | + - activities, open from img.alibaba.com ˢ |
| 67 | + - activities, fulfillment, seller from i0\d.i.aliimg.com ˢ |
78 | 68 | - activities from style.aliunicorn.com ˢ |
79 | | - - ar, best, brands, de, coupon, group, hz, it, ja, ko, nl, page, pl, ru, sale, th, tr, vi from g0\d.a.alicdn.com ˢ |
80 | 69 | - fulfillment, hz from img.alibaba.com ˢ |
| 70 | + - open from gtms01.alicdn.com |
81 | 71 | - university from gtms04.alicdn.com ˢ |
82 | 72 |
|
83 | | - - Bug on activities, collections, coupon, daxue, de, es, fr, fulfillment, fuwu, gaga, group, he, id, it, ja, ko, mai, nl, open, page, pl, pt, ru, seller, superdeals, th, tr, trade, university, vi from dmtracking2.alibaba.com ˢ |
| 73 | + - Bug on activities, daxue, fulfillment, open, seller from dmtracking2.alibaba.com ˢ |
84 | 74 |
|
85 | 75 | ˢ Secured by us, see https://www.paulirish.com/2010/the-protocol-relative-url/ |
86 | 76 |
|
87 | 77 | --> |
88 | 78 | <ruleset name="AliExpress.com (partial)"> |
89 | 79 |
|
90 | | - <target host="aliexpress.com" /> |
91 | | - <target host="www.aliexpress.com" /> |
| 80 | + <!--target host="aliexpress.com" /--> |
| 81 | + <!--target host="www.aliexpress.com" /--> |
92 | 82 | <!--target host="activities.aliexpress.com" /--> |
93 | 83 | <target host="us.ae.aliexpress.com" /> |
94 | | - <!--target host="gw.api.aliexpress.com" /--> |
95 | 84 | <target host="ar.aliexpress.com" /> |
| 85 | + <target host="m.ar.aliexpress.com" /> |
96 | 86 | <target host="best.aliexpress.com" /> |
97 | | - <!--target host="collections.aliexpress.com" /--> |
| 87 | + <target host="brands.aliexpress.com" /> |
| 88 | + <target host="s.click.aliexpress.com" /> |
| 89 | + <target host="collections.aliexpress.com" /> |
98 | 90 | <target host="compare.aliexpress.com" /> |
99 | 91 | <target host="coupon.aliexpress.com" /> |
100 | 92 | <!--target host="daxue.aliexpress.com" /--> |
101 | 93 | <target host="de.aliexpress.com" /> |
| 94 | + <target host="m.de.aliexpress.com" /> |
| 95 | + <target host="es.aliexpress.com" /> |
| 96 | + <target host="m.es.aliexpress.com" /> |
| 97 | + <target host="flashdeals.aliexpress.com" /> |
102 | 98 | <target host="fr.aliexpress.com" /> |
| 99 | + <target host="m.fr.aliexpress.com" /> |
103 | 100 | <!--target host="fulfillment.aliexpress.com" /--> |
104 | | - <!--target host="fuwu.aliexpress.com" /--> |
105 | | - <!--target host="group.aliexpress.com" /--> |
| 101 | + <target host="fuwu.aliexpress.com" /> |
| 102 | + <target host="gaga.aliexpress.com" /> |
| 103 | + <target host="group.aliexpress.com" /> |
| 104 | + <target host="he.aliexpress.com" /> |
106 | 105 | <target host="help.aliexpress.com" /> |
107 | 106 | <target host="home.aliexpress.com" /> |
108 | | - <!--target host="id.aliexpress.com" /--> |
| 107 | + <target host="hz.aliexpress.com" /> |
| 108 | + <target host="id.aliexpress.com" /> |
| 109 | + <target host="m.id.aliexpress.com" /> |
109 | 110 | <target host="it.aliexpress.com" /> |
| 111 | + <target host="m.it.aliexpress.com" /> |
| 112 | + <target host="ja.aliexpress.com" /> |
| 113 | + <target host="m.ja.aliexpress.com" /> |
110 | 114 | <target host="ko.aliexpress.com" /> |
| 115 | + <target host="m.ko.aliexpress.com" /> |
111 | 116 | <target host="login.aliexpress.com" /> |
112 | | - <!--target host="mai.aliexpress.com" /--> |
| 117 | + <target host="m.aliexpress.com" /> |
| 118 | + <target host="mai.aliexpress.com" /> |
113 | 119 | <target host="my.aliexpress.com" /> |
114 | 120 | <target host="nl.aliexpress.com" /> |
| 121 | + <target host="m.nl.aliexpress.com" /> |
115 | 122 | <!--target host="open.aliexpress.com" /--> |
116 | | - <!--target host="page.aliexpress.com" /--> |
| 123 | + <target host="page.aliexpress.com" /> |
117 | 124 | <target host="pl.aliexpress.com" /> |
118 | 125 | <target host="promotion.aliexpress.com" /> |
| 126 | + <target host="pt.aliexpress.com" /> |
| 127 | + <target host="m.pt.aliexpress.com" /> |
119 | 128 | <target host="report.aliexpress.com" /> |
| 129 | + <target host="sale.aliexpress.com" /> |
120 | 130 | <!--target host="seller.aliexpress.com" /--> |
| 131 | + <target host="marketplace.seller.aliexpress.com" /> |
121 | 132 | <target host="shoppingcart.aliexpress.com" /> |
122 | | - <!--target host="superdeals.aliexpress.com" /--> |
| 133 | + <target host="superdeals.aliexpress.com" /> |
| 134 | + <target host="ru.aliexpress.com" /> |
| 135 | + <target host="m.ru.aliexpress.com" /> |
123 | 136 | <target host="th.aliexpress.com" /> |
| 137 | + <target host="m.th.aliexpress.com" /> |
124 | 138 | <target host="tr.aliexpress.com" /> |
| 139 | + <target host="m.tr.aliexpress.com" /> |
125 | 140 | <target host="trade.aliexpress.com" /> |
126 | 141 | <target host="u.aliexpress.com" /> |
127 | 142 | <target host="university.aliexpress.com" /> |
128 | 143 | <target host="vi.aliexpress.com" /> |
| 144 | + <target host="m.vi.aliexpress.com" /> |
129 | 145 | <target host="track.aliexpress.com" /> |
130 | 146 | <target host="lighthouse.aliexpress.com" /> |
131 | 147 | <target host="message.aliexpress.com" /> |
132 | 148 |
|
133 | 149 | <!-- Mixed css: |
134 | 150 | --> |
135 | | - <!--test url="http://gw.api.alibaba.com/dev/doc/intl/sys_description.htm?ns=aliexpress.open" /--> |
| 151 | + <!--test url="http://aliexpress.com/buyerprotection/overview.html" /--> |
| 152 | + <!--test url="http://www.aliexpress.com/buyerprotection/overview.html" /--> |
136 | 153 | <!--test url="http://daxue.aliexpress.com/goodseller.php" /--> |
| 154 | + <!--test url="http://open.aliexpress.com/shopmarket/index.htm" /--> |
137 | 155 | <!--test url="http://page.aliexpress.com/tips-for-new-users.htm" /--> |
138 | | - <!--test url="http://www.aliexpress.com/wholesale.html" /--> |
| 156 | + <!--test url="http://seller.aliexpress.com/trad.html" /--> |
| 157 | + |
| 158 | + <!-- Mixed js: |
| 159 | + --> |
| 160 | + <!--test url="http://aliexpress.com/buyerprotection/overview.html" /--> |
| 161 | + <!--test url="http://www.aliexpress.com/buyerprotection/overview.html" /--> |
| 162 | + <!--test url="http://open.aliexpress.com/shopmarket/index.htm" /--> |
| 163 | + <!--test url="http://seller.aliexpress.com/trad.html" /--> |
139 | 164 |
|
140 | 165 |
|
141 | 166 | <!-- Not secured by server: |
|
0 commit comments