packages feed

https-everywhere-rules-raw-4.0: vendor/https-everywhere/src/chrome/content/rules/Cheezburger.xml

<!--
	CDN buckets:

		- wac.1ddb.edgecastcdn.net/??1DDB/

			- images.cheezburger.com


	As of 2012-08-22, known unprotected subdomains are:

		- advertising	(unbounce.com certificate)
		- blog		(not listening on https)
		- corp		(not listening on https)
		- developer	(mashery.com certificate)
		- feedback	(uservoice.com certificate)
		- jobs		(theresumator.com certificate)
		- sites		(unbounce.com certificate)

	However, there are tens (hundreds?) of subdomains supporting https with
	a wildcard certificate, so it's not worth whitelisting them one by one.

	Other related unprotected hosts:

		- chzb.gr
		- knowyourmeme.com


	Problematic domains:

		- images.cheezburger.com	(works; mismatched, CN: gp1.wac.edgecastcdn.net)

-->
<ruleset name="Cheezburger" platform="mixedcontent">

	<target host="cheezburger.com" />
	<target host="*.cheezburger.com" />
		<exclusion pattern="^http://(?:corp|blog|sites|advertising|developer|jobs|feedback)\.cheezburger\.com/" />
	<target host="chzb.gr" />
	<target host="*.chzbgr.com" />


	<securecookie host="^www\.cheezburger\.com$" name=".*" />


	<rule from="^http://images\.cheezburger\.com/"
		to="https://i.chzbgr.com/" />

	<!--	There are some inconsistent redirects between cheezburger.com and
		www.cheezburger.com. So don't try to enforce either hostname.
					-->
	<rule from="^http://([\w\-]+\.)?cheezburger\.com/"
		to="https://$1cheezburger.com/" />

	<rule from="^https?://chzb\.gr/"
		to="https://bit.ly/" />

	<rule from="^http://(i|s|t)\.chzbgr\.com/"
		to="https://$1.chzbgr.com/" />

	<rule from="^https://(advertising|blog|developer|feedback|jobs|sites)\.cheezburger\.com/?$"
		to="http://$1.cheezburger.com/" downgrade="1" />

	<rule from="^https://corp\.cheezburger\.com/(terms-of-service|privacy-policy|copyright-infringement-notification)/$"
		to="http://corp.cheezburger.com/$1/" downgrade="1" />

</ruleset>