diff options
| author | Josh Rickmar <jrick@devio.us> | 2012-09-18 18:17:14 -0400 |
|---|---|---|
| committer | Josh Rickmar <jrick@devio.us> | 2012-09-18 18:17:14 -0400 |
| commit | 8421b1728ffe8da4b288d76d48d46d96fb4d0dfe (patch) | |
| tree | c1eacb7cfb3e94dcd3ad7a15506a8a947c5f0eed /hsts-preload | |
| parent | fe71f63d6a3a945021f0e5745fbf9240d0ea39ee (diff) | |
| download | xombrero-8421b1728ffe8da4b288d76d48d46d96fb4d0dfe.tar.gz | |
Add regex support to whitelists
This modifies the whitelist and https forcing code to internally use unix extended regular expressions to match domains. The old config syntax converted to an appropiate regular expression. Inputing of raw regular expressions is possible by prepending the string "re:" in front of a regular expression, for example: js_wl = re:^(.*\.)*cyphertite\.com$ would be the same as js_wl = .cyphertite.com
Diffstat (limited to 'hsts-preload')
| -rw-r--r-- | hsts-preload | 81 |
1 files changed, 20 insertions, 61 deletions
diff --git a/hsts-preload b/hsts-preload index cb2ecd9..20fe21a 100644 --- a/hsts-preload +++ b/hsts-preload @@ -1,6 +1,5 @@ force_https = bitbucket.org -force_https = bitrig.org -force_https = www.bitrig.org +force_https = re:^(www\.)?bitrig\.org$ force_https = .conformal.com force_https = .conformalsys.org force_https = .cyphertite.com @@ -18,22 +17,7 @@ force_https = twitter.com # sites from chromium's preloaded HSTS list # http://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state_static.json?view=markup -force_https = .health.google.com -force_https = .checkout.google.com -force_https = .chrome.google.com -force_https = .docs.google.com -force_https = .sites.google.com -force_https = .spreadsheets.google.com -force_https = .appengine.google.com -force_https = .encrypted.google.com -force_https = .accounts.google.com -force_https = .profiles.google.com -force_https = .mail.google.com -force_https = .talkgadget.google.com -force_https = .talk.google.com -force_https = .hostedtalkgadget.google.com -force_https = .plus.google.com -force_https = .script.google.com +force_https = re:^(.*\.)*(health|checkout|chrome|docs|sites|spreadsheets|appengine|encrypted|accounts|profiles|mail|talkgadget|talk|hostedtalkgadget|plus|script)\.google\.com$ force_https = .market.android.com force_https = .ssl.google-analytics.com force_https = .googleplex.com @@ -47,21 +31,15 @@ force_https = www.noisebridge.net force_https = .neg9.org force_https = .riseup.net force_https = factor.cc -force_https = members.mayfirst.org -force_https = support.mayfirst.org -force_https = id.mayfirst.org -force_https = lists.mayfirst.org +force_https = re:^(members|support|id|lists)\.mayfirst\.org$ force_https = aladdinschools.appspot.com force_https = .ottospora.nl force_https = www.paycheckrecords.com -force_https = lastpass.com -force_https = www.lastpass.com +force_https = re:^(www\.)?lastpass\.com$ force_https = .keyerror.com -force_https = entropia.de -force_https = www.entropia.de +force_https = re:^(www\.)?entropia\.de$ force_https = .romab.com -force_https = logentries.com -force_https = www.logentries.com +force_https = re:^(www\.)?logentries\.com$ force_https = .stripe.com force_https = .cloudsecurityalliance.org force_https = .login.sapo.pt @@ -73,8 +51,7 @@ force_https = .cert.se force_https = .crypto.is force_https = .simon.butcher.name force_https = .linx.net -force_https = dropcam.com -force_https = www.dropcam.com +force_https = re:^(www\.)?dropcam\.com$ force_https = .ebanking.indovinabank.com.vn force_https = epoxate.com force_https = torproject.org @@ -82,59 +59,41 @@ force_https = .blog.torproject.org force_https = .check.torproject.org force_https = .www.torproject.org force_https = .www.moneybookers.com -force_https = ledgerscope.net -force_https = www.ledgerscope.net -force_https = kyps.net -force_https = www.kyps.net -force_https = .app.recurly.com -force_https = .api.recurly.com -force_https = greplin.com -force_https = www.greplin.com +force_https = re:^(www\.)?ledgerscope\.net$ +force_https = re:^(www\.)?kyps\.net$ +force_https = re:^(.*\.)*(app|api)\.recurly\.com$ +force_https = re:^(www\.)?greplin\.com$ force_https = .luneta.nearbuysystems.com force_https = .ubertt.org force_https = .pixi.me force_https = .grepular.com -force_https = mydigipass.com -force_https = www.mydigipass.com -force_https = developer.mydigipass.com -force_https = www.developer.mydigipass.com -force_https = sandbox.mydigipass.com -force_https = www.sandbox.mydigipass.com +force_https = re:^(www\.)?(developer\.|sandbox\.)?mydigipass\.com$ force_https = .crypto.cat force_https = .bigshinylock.minazo.net force_https = .crate.io force_https = .braintreegateway.com -force_https = braintreepayments.com -force_https = www.braintreepayments.com +force_https = re:^(www\.)?braintreepayments\.com$ force_https = emailprivacytester.com force_https = .business.medbank.com.mt force_https = .arivo.com.br force_https = .www.apollo-auto.com force_https = .www.cueup.com -force_https = jitsi.org -force_https = www.jitsi.org +force_https = re:^(www\.)?jitsi\.org$ force_https = download.jitsi.org force_https = .sol.io -force_https = irccloud.com -force_https = www.irccloud.com +force_https = re:^(www\.)?irccloud\.com$ force_https = alpha.irccloud.com force_https = .passwd.io force_https = .browserid.org force_https = .login.persona.org -force_https = neonisi.com -force_https = www.neonisi.com -force_https = shops.neonisi.com +force_https = re:^(www\.|shops\.)?neonisi\.com$ force_https = .piratenlogin.de force_https = .howrandom.org force_https = intercom.io force_https = .fatzebra.com.au force_https = .csawctf.poly.edu -force_https = makeyourlaws.org -force_https = www.makeyourlaws.org +force_https = re:^(www\.)?makeyourlaws\.org$ force_https = .iop.intuit.com -force_https = api.intercom.io -force_https = www.intercom.io -force_https = gmail.com -force_https = googlemail.com -force_https = www.gmail.com -force_https = www.googlemail.com +force_https = re:^(api|www)\.intercom\.io$ +force_https = re:^(www\.)?gmail\.com$ +force_https = re:^(www\.)?googlemail\.com$ |