|
1 | 1 | # Ruleset style guide |
2 | 2 |
|
3 | 3 | Goal: Rules should be written in a way that is consistent, easy for humans to |
4 | | -read and debug, and makes errors less likely. |
| 4 | +read and debug, and reduces the chance of errors, and makes testing easy. |
5 | 5 |
|
6 | 6 | To that end, here are some style guidelines for writing or modifying rulesets. |
7 | 7 | They are intended to help and simplify in places where choices are ambiguous, |
8 | 8 | but like all guidelines they can be broken if the circumstances require it. |
9 | 9 |
|
10 | | -Avoid using the left-wildcard ("target host='*.example.com'") for unless you |
| 10 | +Avoid using the left-wildcard ("<target host='*.example.com'>") unless you |
11 | 11 | really mean it. Many rules today specify a left-wildcard target, but the |
12 | 12 | rewrite rules only rewrite an explicit list of hostnames. |
13 | 13 |
|
14 | | -Prefer listing explicit target hosts and a single rewrite from "^http:" to |
| 14 | +Instead, prefer listing explicit target hosts and a single rewrite from "^http:" to |
15 | 15 | "^https:". This saves you time as a ruleset author because each explicit target |
16 | | -host automatically creates a test URL, reducing the need to add your own test |
17 | | -URLs. These also make it easier for someone reading the ruleset to figure out |
| 16 | +host automatically creates a an implicit test URL, reducing the need to add your |
| 17 | +own test URLs. These also make it easier for someone reading the ruleset to figure out |
18 | 18 | which subdomains are covered. |
19 | 19 |
|
20 | 20 | If you know all subdomains of a given domain support HTTPS, go ahead and use a |
21 | 21 | left-wildcard, along with a plain rewrite from "^http:" to "^https:". Make sure |
22 | 22 | to add a bunch of test URLs for the more important subdomains. If you're not |
23 | | -sure what subdomains might exist, check the 'subdomain tab on Wolfram Alpha: |
| 23 | +sure what subdomains might exist, check the 'subdomain' tab on Wolfram Alpha: |
24 | 24 | http://www.wolframalpha.com/input/?i=_YOUR_DOMAIN_GOES_HERE_. |
25 | 25 |
|
26 | 26 | If there are a handful of tricky subdomains, but most subdomains can handle the |
27 | 27 | plain rewrite from "^http:" to "^https:", specify the rules for the tricky |
28 | 28 | subdomains first, and then then plain rule last. Earlier rules will take |
29 | 29 | precedence, and processing stops at the first matching rule. |
30 | 30 |
|
31 | | -Avoid regexes with long strings of subdomains, e.g. <rule |
32 | | -from="^http://(foo|bar|baz|bananas).example.com" />. These are hard to read and |
| 31 | +Avoid regexes with long strings of subdomains, e.g. <rule |
| 32 | +from="^http://(foo|bar|baz|bananas).example.com" />. These are hard to read and |
33 | 33 | maintain, and are usually better expressed with a longer list of target hosts, |
34 | 34 | plus a plain rewrite from "^http:" to "^https:". |
35 | 35 |
|
36 | | -Prefer dashes over underscores in filenames. |
| 36 | +Prefer dashes over underscores in filenames. Dashes are easier to type. |
37 | 37 |
|
38 | 38 | When matching an arbitrary DNS label (a single component of a hostname), prefer |
39 | 39 | `([\w-]+)` for a single label (i.e www), or `([\w-.]+)` for multiple labels |
40 | | -(i.e. www.beta). Avoid the more visually complicated `([^/:@\.]+\.)?`, seen in |
41 | | -some rules. |
| 40 | +(i.e. www.beta). Avoid more visually complicated options like `([^/:@\.]+\.)?`. |
42 | 41 |
|
43 | 42 | For `securecookie` tags, it's common to match any cookie name. For these, prefer |
44 | 43 | `.+` over `.*`. They are functionally equivalent, but it's nice to be |
@@ -82,6 +81,8 @@ test URLs: |
82 | 81 |
|
83 | 82 | <test url="http://html.spec.whatwg.org/" /> |
84 | 83 | <test url="http://fetch.spec.whatwg.org/" /> |
| 84 | + <test url="http://xhr.spec.whatwg.org/" /> |
| 85 | + <test url="http://dom.spec.whatwg.org/" /> |
85 | 86 |
|
86 | 87 | <rule from="^http:" |
87 | 88 | to="https:" /> |
|
0 commit comments