https-everywhere-rules-raw-4.0: vendor/https-everywhere/src/chrome/content/rules/Amazon.xml
<!--
Other Amazon rulesets:
- Amazon-Associates.xml
- AmazonAWS.xml
- Amazon_EU.xml
- Amazon_JP.xml
This rule is off by default because it caused so many aspects of the
Amazon site to break; see the mailing list archives for details.
Currently being fixed...
Amazon appears to operate in 7 countries, and does not hold the domains
for some others, like .se or .be. In other cases there is an http-only site
that redirects to one of these 7 countries.
amazon.com:
Does work:
- ap/ (appears to be purchase-management related)
- ([\w-]+/)?dp/ (i.e. dp/ possibly preceeded by title)
- e/\w{10,10}/ (i.e. e/ followed by ASIN)
- gp/cart
- gp/css
- gp/feature.html
- gp/redirect.html
- gp/registry/wishlist
Doesn't work:
- $ (i.e. homepage)
- ([\w-]+/)?b/ (i.e. b/ preceeded by category)
- exec/obidos/ASIN/
- ([\w-]+/)gp/ (i.e. gp/ possibly preceeded by title)
- gp/goldbox($|\?)
- gp/kindle/pc($|\?)
- gp/pdp/profile($|\?)
- gp/product/
- gp/richpub/syltguides/byauthor($|\?)
- Help/
- l/
- s/
amazon.cn:
Doesn't work:
- Everything?
amazon.ca:
Does work:
everything except...
Doesn't work:
/mn/search/
Partially covered domains:
- askville.amazon.com (pages redirect to SendToHttp.do)
-->
<ruleset name="Amazon (broken)" default_off="breaks Look Inside the Book">
<target host="amazon.ca" />
<target host="www.amazon.ca" />
<target host="amazon.com" />
<target host="askville.amazon.com" />
<exclusion pattern="^http://askville\.amazon\.com/(?!css/)" />
<target host="developer.amazon.com" />
<target host="local.amazon.com" />
<target host="www.amazon.com" />
<!--
These pages don't work on .com:
-->
<exclusion pattern="^http://www\.amazon\.com/(?:$|\?|exec/obidos/|gp/(?:(?:goldbox|kindle/pc|pdp/profile|richpub/syltguides/byauthor)(?:$|\?)|product/)|l/|(?:[\w\-]+/)?(?:b|dp|Help)/)" />
<!--
- ajaxv2: Breaks adding to basket for products with options
- dynamic-update: Breaks image zoom
-->
<exclusion pattern="^http://(?:www\.)?amazon\.com/gp/twister/(?:ajaxv2|dynamic-update/)" />
<!--
Search redirects to http, for all sites.
-->
<exclusion pattern="^http://www\.amazon\.[\w\.]+/(?:gp/search\?|mn/search(?:$|\?)|s(?:/|\?rh=))" />
<!-- Verified as working for UK, ca appears to function identically.
Unfortunately, navigating to an unsecured page wipes one's shopping basket :(
This is problem with our handling of secure cookies, wherein we treat
secure and non-secure cookies with the same ID as one cookie, instead of two.
If our handling were correct, this securecookie rule would have only
one problem, namely that basket information would be missing on search pages.
<securecookie host="^(www)?\.amazon\.ca$" name=".+" />
These cookies are set all over .com:
<securecookie host="^\.amazon\.com$" name="^session-id(-time)?$" />
These cookies are set by gp/cart/view.html
<securecookie host="\.amazon\.com$" name="^(session-token|ubid-main)$"/-->
<securecookie host="^local\.amazon\.com$" name=".+" />
<rule from="^http://(?:www\.)?amazon\.c(a|om)/mn/search/uedata/"
to="https://www.amazon.c$1/uedata/" />
<rule from="^http://(?:www\.)?amazon\.c(a|om)/"
to="https://www.amazon.c$1/" />
<rule from="^http://(askville|developer|local)\.amazon\.com/"
to="https://$1.amazon.com/" />
</ruleset>