Https-everywhere: Certain domain (pitt.edu) breaks when HTTPS everywhere chrome extension is active
Expected:
Actual:
Reporting as per https://www.eff.org/https-everywhere/faq#faq-What-if-HTTPS-Everywhere-breaks-some-site-that-I-use?
Some sites within the domain (for example the site my professor uses for class, http://www.pitt.edu/~bonidie/syllabus.html) return 404s when HTTPS everywhere is enabled
Cull-Methi
All 4 comments
This is probably "unsafe scripts" getting blocked. Clock on the "shield" in the URL and allow unsafe scripts to load. I'm not sure the right way to deal with this in rulesets. A couple of sites behave this way.
SOME of the page loads with https, but it seems the browser balks at loading unsigned scripts if ANY part of the page successfully loads with https, even if the main site itself is not using https.
phillipremaker
on 19 May 2016
@phillipremaker yes that appears to be the issue, I can confirm that it works when I allow unsafe scripts to load. Sorry for the late reply
Cull-Methi
on 1 Jun 2016
pitt.edu also has a problem with their user directories: e.g. http://www.pitt.edu/~kloman/harry.html works, but https://www.pitt.edu/~kloman/harry.html produces a 404. Using the excemption toggle and then reloading the http version works.
Update: The mixed content issue reported above seems to be fixed though, so maybe I should've opened another issue instead :-\
ckujau
on 28 Mar 2017
This seems to be fixed.
J0WI
on 15 Jun 2018
Related issues
J0WI
路
4Comments
a0193143
路
4Comments
J0WI
路
3Comments
apple-web-evangelist
路
4Comments
cschanaj
路
4Comments
Most helpful comment
This seems to be fixed.