|
1 | 1 | <!-- |
2 | 2 | See Oracle-mismatches.xml for problematic rules. |
3 | 3 |
|
4 | | -
|
5 | 4 | Other Oracle rulesets: |
6 | | -
|
7 | 5 | - Atgsvcs.com.xml |
8 | 6 | - ATG_Web_Commerce.xml |
9 | 7 | - Compendium.com.xml |
|
23 | 21 | - RightNow-clients.xml |
24 | 22 | - RNengage.com.xml |
25 | 23 |
|
26 | | -
|
27 | | - Non-functional hosts in *.oracle.com: |
28 | | -
|
29 | | - Connection refused: |
| 24 | + Connection refused: |
30 | 25 | - oukc.oracle.com |
31 | 26 | - tahiti.oracle.com |
32 | 27 |
|
33 | | - Timeout: |
34 | | - - blogs-stage.oracle.com |
35 | | - - emeajobs.oracle.com |
36 | | - - forums-stage.oracle.com |
37 | | - - cn.forums-stage.oracle.com |
38 | | - - jdevadf.oracle.com |
39 | | - - wikis-stage.oracle.com |
| 28 | + Connection reset: |
| 29 | + - medianetwork.oracle.com |
40 | 30 |
|
41 | | - Certificate mismatch: |
| 31 | + Invalid certificate: |
42 | 32 | - investor.oracle.com |
| 33 | + - oracleimg.com |
43 | 34 |
|
44 | | - Connection reset: |
45 | | - - medianetwork.oracle.com |
46 | | -
|
47 | | - Redirect to HTTP: |
| 35 | + Redirects to HTTP: |
48 | 36 | - crmondemand.oracle.com |
49 | 37 | - ilearning.oracle.com |
50 | 38 | - japanmediacentre.oracle.com |
51 | 39 |
|
52 | | -
|
53 | | - Non-functional hosts in *.oracleimg.com: |
54 | | -
|
55 | | - Certificate mismatched: |
56 | | - - oracleimg.com |
57 | | -
|
| 40 | + Timed out: |
| 41 | + - blogs-stage.oracle.com |
| 42 | + - emeajobs.oracle.com |
| 43 | + - forums-stage.oracle.com |
| 44 | + - cn.forums-stage.oracle.com |
| 45 | + - jdevadf.oracle.com |
| 46 | + - wikis-stage.oracle.com |
58 | 47 |
|
59 | 48 | Partially covered domains: |
60 | | -
|
61 | 49 | - (www.)oracle.com ¹ |
62 | 50 | - (www.)oracleimg.com ¹ |
63 | | -
|
64 | 51 | ¹ Some paths redirect to http |
65 | 52 |
|
66 | | -
|
67 | 53 | There are probably some data identical across shop and www that could be grabbed for www. |
68 | 54 |
|
69 | 55 | Mixed content: |
70 | | -
|
71 | 56 | - Script on medianetwork from www.oracleimg.com ¹ |
72 | | -
|
73 | 57 | - Images, on: |
74 | | -
|
75 | 58 | - blog from www.eloqua.com |
76 | 59 | - medianetwork from sun.edgeboss.net |
77 | 60 | - medianetwork from www.oracleimg.com ¹ |
78 | 61 | - medianetwork from www.oracleimg.com ² |
79 | 62 | - www from $self ¹ |
80 | | -
|
81 | 63 | - Web bugs, on: |
82 | | -
|
83 | 64 | - events from dnn506yrbagrg.cloudfront.net ¹ |
84 | 65 | - events from consent.truste.com ¹ |
85 | 66 | - medianetwork from www.oracleimg.com ¹ |
86 | | -
|
87 | 67 | ¹ Secured by us |
88 | 68 | ² Unsecurable, doesn't trip MCB |
89 | | -
|
90 | 69 | --> |
| 70 | + |
91 | 71 | <ruleset name="Oracle (partial)"> |
92 | 72 |
|
93 | | - <!-- Direct rewrites: |
94 | | - --> |
| 73 | + <!-- Direct rewrites --> |
95 | 74 | <target host="academy.oracle.com" /> |
96 | 75 | <target host="acsportal.oracle.com" /> |
97 | 76 | <target host="advancedsupport.oracle.com" /> |
|
196 | 175 | <target host="wikis.oracle.com" /> |
197 | 176 | <target host="workforce.oracle.com" /> |
198 | 177 | <target host="www-portal-stage.oracle.com" /> |
199 | | - <target host="www.oracle.com" /> |
200 | 178 | <target host="www-stage.oracle.com" /> |
201 | 179 | <target host="yum.oracle.com" /> |
202 | 180 |
|
203 | | - <target host="www.oracleimg.com" /> |
204 | | - |
205 | | - <!-- Special cases: |
206 | | - --> |
| 181 | + <!-- Special cases --> |
207 | 182 | <target host="oracle.com" /> |
| 183 | + <target host="www.oracle.com" /> |
208 | 184 | <target host="oracleimg.com" /> |
| 185 | + <target host="www.oracleimg.com" /> |
209 | 186 |
|
210 | | - <!-- |
211 | | - Exceptions: |
212 | | - --> |
213 | 187 | <exclusion pattern="^http://www\.oracle(img)?\.com/(?!(\w+/)?assets/|\w+/[^/]+\.(css|gif|jpg|js|png)$|(communities|corporate/careers|javaone|marketingcloud|rightnow)($|[?/]))"/> |
214 | | - |
215 | | - <!-- +ve: |
216 | | - --> |
| 188 | + <!-- +ve --> |
217 | 189 | <test url="http://www.oracle.com/ee/" /> |
218 | 190 | <test url="http://www.oracle.com/gr/" /> |
219 | 191 | <test url="http://www.oracle.com/index.html" /> |
|
232 | 204 | <test url="http://www.oracle.com/us/support/index.html" /> |
233 | 205 | <test url="http://www.oracle.com/us/syndication/subscribe/index.html" /> |
234 | 206 |
|
235 | | - <!-- -ve: |
236 | | - --> |
| 207 | + <!-- -ve --> |
237 | 208 | <test url="http://www.oracle.com/communities" /> |
238 | 209 | <test url="http://www.oracle.com/corporate/careers" /> |
239 | 210 | <test url="http://www.oracle.com/marketingcloud/products/cross-channel/marketing-to-consumers.html" /> |
|
243 | 214 | <test url="http://www.oracleimg.com/us/assets/sidebox-background-top.gif" /> |
244 | 215 |
|
245 | 216 | <securecookie host="^(\w+|\.edelivery)\.oracle\.com$" name=".+" /> |
246 | | - <!-- |
247 | | - Could we secure any of these safely? |
248 | | - --> |
| 217 | + <!-- Could we secure any of these safely? --> |
249 | 218 | <!--securecookie host="^\.oracle\.com$" name="^(ORA_FND_SESSION_CRMAP\.US\.ORACLE\.COM|ORA_FUSION_PREFS|s_eVar21)$" /--> |
250 | | - <!-- |
251 | | - Tracking cookies |
252 | | - --> |
| 219 | + <!-- Tracking cookies --> |
253 | 220 | <securecookie host="^\." name="^(Order_Marketing(CampaignSuccess|Trigger)|gpw_e24|s_(cc|nr|sq))$" /> |
254 | 221 |
|
255 | | - |
256 | 222 | <rule from="^http://(www\.)?oracle(img)?\.com/us/(?=[^/]+\.(css|gif|jpg|js|png)$)" |
257 | 223 | to="https://www.oracle$2.com/us/assets/" /> |
258 | | - |
259 | 224 | <test url="http://oracle.com/us/compass-hp-sprite.png" /> |
260 | 225 | <test url="http://www.oracle.com/us/compass-hp-sprite.png" /> |
261 | 226 | <test url="http://www.oracle.com/us/master-mosaic.css" /> |
262 | 227 | <test url="http://www.oracle.com/us/ocom-base-styles.css" /> |
263 | | - |
264 | 228 | <test url="http://oracleimg.com/us/compass-hp-sprite.png" /> |
265 | 229 | <test url="http://www.oracleimg.com/us/compass-hp-sprite.png" /> |
266 | 230 | <test url="http://www.oracleimg.com/us/f01-bgstrip.png" /> |
|
0 commit comments