irykoon
diff --git a/‎src/chrome/content/rules/Bitly.com.xml‎
Lines changed: 7 additions & 38 deletions b/‎src/chrome/content/rules/Bitly.com.xml‎
Lines changed: 7 additions & 38 deletions
diff --git a/‎src/chrome/content/rules/Disqus.xml‎
Lines changed: 28 additions & 22 deletions b/‎src/chrome/content/rules/Disqus.xml‎
Lines changed: 28 additions & 22 deletions
diff --git a/‎src/chrome/content/rules/FacebookCoreWWWi.onion.xml‎
Lines changed: 4 additions & 41 deletions b/‎src/chrome/content/rules/FacebookCoreWWWi.onion.xml‎
Lines changed: 4 additions & 41 deletions
diff --git a/‎src/chrome/content/rules/Freetz.org.xml‎
Lines changed: 14 additions & 0 deletions b/‎src/chrome/content/rules/Freetz.org.xml‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎src/chrome/content/rules/LackName.org.xml‎
Lines changed: 7 additions & 0 deletions b/‎src/chrome/content/rules/LackName.org.xml‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎src/chrome/content/rules/National_Geographic.com-problematic.xml‎
Lines changed: 0 additions & 13 deletions b/‎src/chrome/content/rules/National_Geographic.com-problematic.xml‎
Lines changed: 0 additions & 13 deletions
diff --git a/‎src/chrome/content/rules/National_Geographic.com.xml‎
Lines changed: 89 additions & 0 deletions b/‎src/chrome/content/rules/National_Geographic.com.xml‎
Lines changed: 89 additions & 0 deletions
@@ -1,54 +1,23 @@
 <!--
 	For other Bitly coverage, see Bitly.xml.
 
+	Refused:
+		api.bitly.com
 
-	Nonfunctional domains:
-
-		- dev.bitly.com ¹
-		- word.bitly.com ²
-		- api.bitly.com ³
-
-	¹ Refused
-	² Tumblr
-	³ Dropped
-
-
-	Problematic domains:
-
-		- support.bitly.com ¹
-		- www.bitly.com ²
-
-	¹ Mismatched
-	² Reset
-
-
-	Insecure cookies are set for these hosts:
-
-		- bitly.com
+	Invalid certificate:
+		word.bitly.com
 
 -->
 <ruleset name="Bitly.com (partial)">
 
-	<!--	Direct rewrites:
-				-->
 	<target host="bitly.com" />
-	<target host="platform.bitly.com" />
-
-	<!--	Complications:
-				-->
 	<target host="www.bitly.com" />
-
-
-	<!--	Not secured by server:
-					-->
-	<!--securecookie host="^bitly\.com$" name="^(_xsrf|anon_u)$" /-->
+	<target host="dev.bitly.com" />
+	<target host="platform.bitly.com" />
+	<target host="support.bitly.com" />
 
 	<securecookie host="^bitly\.com$" name=".+" />
 
-
-	<rule from="^http://www\.bitly\.com/"
-		to="https://bitly.com/" />
-
 	<rule from="^http:"
 		to="https:" />
 
 
@@ -1,36 +1,42 @@
 <!--
 	Commenting system used by several large sites.
-		
-	Subdomains like SITENAME.disqus.com aren't covered in this ruleset.
-	Probably some other subdomains aren't covered either.
+
 -->
-<ruleset name="Disqus (partial)">
+<ruleset name="Disqus">
 
 	<target host="disqus.com" />
-	<target host="www.disqus.com" />
-	<target host="alternativeto-blog.disqus.com" />
-	<target host="blog.disqus.com" />
-	<target host="chenyufei.disqus.com" />
-	<target host="community.disqus.com" />
-	<target host="go.disqus.com" />
-	<target host="help.disqus.com" />
-	<target host="jbosstools.disqus.com" />
-	<target host="nytchinese.disqus.com" />
-	<target host="redirect.disqus.com" />
-	<target host="refferer.disqus.com" />
-	<target host="secure.disqus.com" />
-	
-	<target host="realtime.services.disqus.com" />
-	<target host="juggler.services.disqus.com" />
-	<target host="extract.services.disqus.com" />
-	<target host="sentry.services.disqus.com" />
+	<!-- Each customer has its own subdomain. STS header includes subdomains -->
+	<target host="*.disqus.com" />
+		<test url="http://www.disqus.com/" />
+		<test url="http://alternativeto-blog.disqus.com/" />
+		<test url="http://blog.disqus.com/" />
+		<test url="http://chenyufei.disqus.com/" />
+		<test url="http://community.disqus.com/" />
+		<test url="http://go.disqus.com/" />
+		<test url="http://help.disqus.com/" />
+		<test url="http://jbosstools.disqus.com/" />
+		<test url="http://nytchinese.disqus.com/" />
+		<test url="http://redirect.disqus.com/" />
+		<test url="http://refferer.disqus.com/" />
+		<test url="http://secure.disqus.com/" />
+		<test url="http://realtime.services.disqus.com/" />
+		<test url="http://juggler.services.disqus.com/" />
+		<test url="http://extract.services.disqus.com/" />
+		<test url="http://sentry.services.disqus.com/" />
 
 	<target host="a.disquscdn.com" />
+		<test url="http://c.disquscdn.com/next/embed/styles/lounge.b6e30194f7733461731644bd3f145d25.css" />
+	<target host="c.disquscdn.com" />
+		<test url="http://c.disquscdn.com/next/embed/styles/lounge.b6e30194f7733461731644bd3f145d25.css" />
+	<target host="imagerator.disquscdn.com" />
 	<target host="media.disquscdn.com" />
+		<test url="http://media.disquscdn.com/channel-docs/Mod_Playbook.pdf" />
+	<target host="uploads.disquscdn.com" />
+		<test url="http://uploads.disquscdn.com/images/b142d2c778d1939e4c0555edece4ee74eb3f18b8b9a63648623f9fa5bdf9f2fa.jpg" />
 
 	<target host="disq.us" />
 
-	<securecookie host="^(\.)?disqus\.com$" name=".+" />
+	<securecookie host="^disqus\.com$" name=".+" />
 
 	<rule from="^http:" to="https:" />
 
 
@@ -1,60 +1,23 @@
-
 <!--
-
 	For other Facebook coverage, see Facebook.xml.
 
 	This ruleset covers Facebook hidden services on Tor.
 
-
-	Fully covered hosts:
-
-		- facebookcorewwwi.onion
-
-		- *.facebookcorewwwi.onion:
-
-			- (www.)?
-			- ar-ar
-			- de-de
-			- developers
-			- es-la
-			- fr-fr
-			- hi-in
-			- it-it
-			- ja-jp
-			- pt-br
-			- m
-			- zh-cn
-
-		- in *fbcdn23dssr3jqnq.onion:
-
-			- ^
-			- scontent.xx
-
-		- fbsbx2q4mvcl63pw.onion
-
-
-	Insecure cookies are set for these domains:
-
-		- .facebookcorewwwi.onion
-
 -->
 <ruleset name="Facebook Hidden Service">
 
-	<!--	Direct rewrites:
-				-->
 	<target host="facebookcorewwwi.onion" />
 	<target host="*.facebookcorewwwi.onion" />
 
 		<test url="http://developers.facebookcorewwwi.onion/" />
 		<test url="http://m.facebookcorewwwi.onion/" />
 		<test url="http://www.facebookcorewwwi.onion/" />
 
-	<target host="scontent.xx.fbcdn23dssr3jqnq.onion" />
-
+	<target host="*.xx.fbcdn23dssr3jqnq.onion" />
 
-	<!--	Not secured by server:
-					-->
-	<!--securecookie host="^\.facebookcorewwwi\.onion$" name="^(datr|noscript|reg_ext_ref|reg_fb_gate|reg_fb_ref)$" /-->
+		<test url="http://static.xx.fbcdn23dssr3jqnq.onion/rsrc.php/v3/yw/l/0,cross/BiATacNWkhp.css" />
+		<test url="http://scontent.xx.fbcdn23dssr3jqnq.onion/v/t39.2365-6/851585_216271631855613_2121533625_n.png?oh=7a437b0bae2ba8efc157cf6564ce1440&amp;oe=5ADC6020" />
+		<test url="http://external-lht6-1.xx.fbcdn23dssr3jqnq.onion/safe_image.php" />
 
 	<securecookie host=".+" name=".+" />
 
 
@@ -0,0 +1,14 @@
+<!--
+	Invalid certificate:
+		- svn.freetz.org
+		- trac.freetz.org
+-->
+<ruleset name="Freetz.org">
+	<target host="freetz.org" />
+	<target host="www.freetz.org" />
+	<target host="trac.freetz.org" />
+
+	<rule from="^http://trac\.freetz\.org/" to="https://freetz.org/" />
+
+	<rule from="^http:" to="https:" />
+</ruleset>
@@ -0,0 +1,7 @@
+<ruleset name="LackName.org">
+
+	<target host="lackname.org" />
+
+	<rule from="^http:" to="https:" />
+
+</ruleset>
@@ -0,0 +1,89 @@
+<!--
+	CDN buckets:
+		- nationalgeographic.desk.com
+		- natgeo.edgeboss.net
+		- dotcom-media.nationalgeographic.com.edgesuite.net
+			- a1843.g1.akamai.net
+		- images.nationalgeographic.com.edgesuite.net
+			- a1621.g.akamai.net
+		- kids.nationalgeographic.com.edgesuite.net
+			- a1966.b.akamai.net
+		- news.nationalgeographic.com.edgesuite.net
+			- a1420.g.akamai.net
+		- t.p.mybuys.com/clients/NATIONALGEOGRAPHIC/
+		- s7d2.scene7.com/is/image/NationalGeographic/
+
+	Redirects to HTTP:
+		- channel
+		- media-channel (Redirects to channel)
+		- tvblogs (Redirects to channel)
+
+	Invalid certificate:
+		- adventureblog
+		- environment
+		- help
+		- metric
+		- newswatch
+		- ngm
+		- photography
+		- travel
+		- yourshotblog
+
+	502 proxy error:
+		- images
+	
+	Mixed content:
+		- archive (Example: https://archive.nationalgeographic.com/?iid=133596#folio=CV1)
+		- news
+			- Images, from:
+				- avatars.fyre.co *
+				- zor.fyre.co *
+			- Ads/web bugs, from:
+				- b.comcardresearch.com *
+				- loadus.exelator.com *
+				- cdn.gigya.com *
+				- www.googleadservices.com *
+	* Secured by us
+
+	No working URL known:
+		- media-yourshot
+	
+	Time out:
+		- nationalgeographic.com *
+
+	* Standard rule times out over HTTPS, new rule redirects to https://www.nationalgeographic.com/
+
+-->
+<ruleset name="National Geographic">
+
+	<target host="nationalgeographic.com" />
+	<target host="www.nationalgeographic.com" />
+	<target host="digitalnomad.nationalgeographic.com" />
+	<target host="events.nationalgeographic.com" />
+	<target host="genographic.nationalgeographic.com" />
+	<target host="intelligenttravel.nationalgeographic.com" />
+	<target host="kids.nationalgeographic.com" />
+	<target host="media-members.nationalgeographic.com" />
+		<test url="http://media-members.nationalgeographic.com/static-media/img/favicon.ico" />
+	<target host="media-mmdb.nationalgeographic.com" />
+		<test url="http://media-mmdb.nationalgeographic.com/static-media/img/favicon.ico" />
+	<target host="members.nationalgeographic.com" />
+	<target host="metrics.nationalgeographic.com" />
+	<target host="mmdb.nationalgeographic.com" />
+	<target host="mshop.nationalgeographic.com" />
+	<target host="news.nationalgeographic.com" />
+	<target host="press.nationalgeographic.com" />
+	<target host="shop.nationalgeographic.com" />
+	<target host="video.nationalgeographic.com" />
+
+	<!--	Tracking cookies:
+					-->
+	<securecookie host="^\.nationalgeographic\.com$" name="^(gpv_p\d+|s_\w+|__utm)?\w$" />
+
+	<rule from="^http://nationalgeographic\.com/"
+		to="https://www.nationalgeographic.com/" />
+
+	<rule from="^http:"
+		to="https:" />
+
+</ruleset>