Skip to content

Commit 7562e2b

Browse files
author
2d1
committed
Merge pull request EFForg#663 from StevenRoddis/4.0
Generic fix for signed Cloudfront urls
2 parents db9b2dd + 63cabd7 commit 7562e2b

File tree

1 file changed

+5
-29
lines changed

1 file changed

+5
-29
lines changed

src/chrome/content/rules/Cloudfront.xml

Lines changed: 5 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -1,35 +1,11 @@
11
<ruleset name="Cloudfront">
2-
<target host="www.cloudfront.net" />
2+
<target host="cloudfront.net" />
33
<target host="*.cloudfront.net" />
44

55
<rule from="^http://([^/:@\.]+)\.cloudfront\.net/" to="https://$1.cloudfront.net/"/>
6-
<!-- Deal with https://trac.torproject.org/projects/tor/ticket/6848 -->
7-
<exclusion pattern="^http://d1b14unh5d6w7g\.cloudfront\.net" />
8-
<!-- https://trac.torproject.org/projects/tor/ticket/7020 -->
9-
<exclusion pattern="^http://d1i6vahw24eb07\.cloudfront\.net" />
10-
<!-- C-SPAN videos: https://trac.torproject.org/projects/tor/ticket/7567 -->
11-
<exclusion pattern="^http://d1k4es7bw1lvxt\.cloudfront\.net" />
12-
<!-- this unbreaks turntable.fm and probably many other things-->
13-
<exclusion pattern="^http://d1bw0qpdrmjlhz\.cloudfront\.net" />
14-
<!--
15-
This breaks padlet.com wall:
166

17-
https://trac.torproject.org/projects/tor/ticket/9146
18-
-->
19-
<exclusion pattern="^http://d2s8n7nv9yizdf\.cloudfront\.net/assets/extras-\w{32}\.js" />
20-
<!-- and this is a generalised precaution from turntable.fm -->
21-
<exclusion pattern="^http://([^/:@\.]+)\.cloudfront\.net/crossdomain\.xml" />
22-
<!-- Spotify https://trac.torproject.org/projects/tor/ticket/7888 -->
23-
<exclusion pattern="^http://dsu0uct5x2puz\.cloudfront\.net" />
24-
<!-- Droplr: https://trac.torproject.org/projects/tor/ticket/8572 -->
25-
<exclusion pattern="^http://d1zjcuqflbd5k\.cloudfront\.net" />
26-
<!-- TuneIn: https://trac.torproject.org/projects/tor/ticket/8704 -->
27-
<exclusion pattern="^http://d3bwsr3zpy54hy\.cloudfront\.net" />
28-
<!-- Amazon mp3: https://trac.torproject.org/projects/tor/ticket/9367
29-
https://trac.torproject.org/projects/tor/ticket/9851 -->
30-
<exclusion pattern="^http://d2q1srilgjznst\.cloudfront\.net" />
31-
<exclusion pattern="^http://d28julafmv4ekl\.cloudfront\.net" />
32-
33-
<!-- Panelsyndicate: https://github.com/EFForg/https-everywhere/issues/650 -->
34-
<exclusion pattern="^http://d2h7a0a3c1074f\.cloudfront\.net" />
7+
<!-- See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html
8+
Policies contain the protocol, so a signature for http will not work for https
9+
-->
10+
<exclusion pattern="&amp;Signature=" />
3511
</ruleset>

0 commit comments

Comments
 (0)