From 8421b1728ffe8da4b288d76d48d46d96fb4d0dfe Mon Sep 17 00:00:00 2001 From: Josh Rickmar Date: Tue, 18 Sep 2012 18:17:14 -0400 Subject: Add regex support to whitelists This modifies the whitelist and https forcing code to internally use unix extended regular expressions to match domains. The old config syntax converted to an appropiate regular expression. Inputing of raw regular expressions is possible by prepending the string "re:" in front of a regular expression, for example: js_wl = re:^(.*\.)*cyphertite\.com$ would be the same as js_wl = .cyphertite.com --- hsts-preload | 81 +++++++++++++++--------------------------------------------- 1 file changed, 20 insertions(+), 61 deletions(-) (limited to 'hsts-preload') diff --git a/hsts-preload b/hsts-preload index cb2ecd9..20fe21a 100644 --- a/hsts-preload +++ b/hsts-preload @@ -1,6 +1,5 @@ force_https = bitbucket.org -force_https = bitrig.org -force_https = www.bitrig.org +force_https = re:^(www\.)?bitrig\.org$ force_https = .conformal.com force_https = .conformalsys.org force_https = .cyphertite.com @@ -18,22 +17,7 @@ force_https = twitter.com # sites from chromium's preloaded HSTS list # http://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state_static.json?view=markup -force_https = .health.google.com -force_https = .checkout.google.com -force_https = .chrome.google.com -force_https = .docs.google.com -force_https = .sites.google.com -force_https = .spreadsheets.google.com -force_https = .appengine.google.com -force_https = .encrypted.google.com -force_https = .accounts.google.com -force_https = .profiles.google.com -force_https = .mail.google.com -force_https = .talkgadget.google.com -force_https = .talk.google.com -force_https = .hostedtalkgadget.google.com -force_https = .plus.google.com -force_https = .script.google.com +force_https = re:^(.*\.)*(health|checkout|chrome|docs|sites|spreadsheets|appengine|encrypted|accounts|profiles|mail|talkgadget|talk|hostedtalkgadget|plus|script)\.google\.com$ force_https = .market.android.com force_https = .ssl.google-analytics.com force_https = .googleplex.com @@ -47,21 +31,15 @@ force_https = www.noisebridge.net force_https = .neg9.org force_https = .riseup.net force_https = factor.cc -force_https = members.mayfirst.org -force_https = support.mayfirst.org -force_https = id.mayfirst.org -force_https = lists.mayfirst.org +force_https = re:^(members|support|id|lists)\.mayfirst\.org$ force_https = aladdinschools.appspot.com force_https = .ottospora.nl force_https = www.paycheckrecords.com -force_https = lastpass.com -force_https = www.lastpass.com +force_https = re:^(www\.)?lastpass\.com$ force_https = .keyerror.com -force_https = entropia.de -force_https = www.entropia.de +force_https = re:^(www\.)?entropia\.de$ force_https = .romab.com -force_https = logentries.com -force_https = www.logentries.com +force_https = re:^(www\.)?logentries\.com$ force_https = .stripe.com force_https = .cloudsecurityalliance.org force_https = .login.sapo.pt @@ -73,8 +51,7 @@ force_https = .cert.se force_https = .crypto.is force_https = .simon.butcher.name force_https = .linx.net -force_https = dropcam.com -force_https = www.dropcam.com +force_https = re:^(www\.)?dropcam\.com$ force_https = .ebanking.indovinabank.com.vn force_https = epoxate.com force_https = torproject.org @@ -82,59 +59,41 @@ force_https = .blog.torproject.org force_https = .check.torproject.org force_https = .www.torproject.org force_https = .www.moneybookers.com -force_https = ledgerscope.net -force_https = www.ledgerscope.net -force_https = kyps.net -force_https = www.kyps.net -force_https = .app.recurly.com -force_https = .api.recurly.com -force_https = greplin.com -force_https = www.greplin.com +force_https = re:^(www\.)?ledgerscope\.net$ +force_https = re:^(www\.)?kyps\.net$ +force_https = re:^(.*\.)*(app|api)\.recurly\.com$ +force_https = re:^(www\.)?greplin\.com$ force_https = .luneta.nearbuysystems.com force_https = .ubertt.org force_https = .pixi.me force_https = .grepular.com -force_https = mydigipass.com -force_https = www.mydigipass.com -force_https = developer.mydigipass.com -force_https = www.developer.mydigipass.com -force_https = sandbox.mydigipass.com -force_https = www.sandbox.mydigipass.com +force_https = re:^(www\.)?(developer\.|sandbox\.)?mydigipass\.com$ force_https = .crypto.cat force_https = .bigshinylock.minazo.net force_https = .crate.io force_https = .braintreegateway.com -force_https = braintreepayments.com -force_https = www.braintreepayments.com +force_https = re:^(www\.)?braintreepayments\.com$ force_https = emailprivacytester.com force_https = .business.medbank.com.mt force_https = .arivo.com.br force_https = .www.apollo-auto.com force_https = .www.cueup.com -force_https = jitsi.org -force_https = www.jitsi.org +force_https = re:^(www\.)?jitsi\.org$ force_https = download.jitsi.org force_https = .sol.io -force_https = irccloud.com -force_https = www.irccloud.com +force_https = re:^(www\.)?irccloud\.com$ force_https = alpha.irccloud.com force_https = .passwd.io force_https = .browserid.org force_https = .login.persona.org -force_https = neonisi.com -force_https = www.neonisi.com -force_https = shops.neonisi.com +force_https = re:^(www\.|shops\.)?neonisi\.com$ force_https = .piratenlogin.de force_https = .howrandom.org force_https = intercom.io force_https = .fatzebra.com.au force_https = .csawctf.poly.edu -force_https = makeyourlaws.org -force_https = www.makeyourlaws.org +force_https = re:^(www\.)?makeyourlaws\.org$ force_https = .iop.intuit.com -force_https = api.intercom.io -force_https = www.intercom.io -force_https = gmail.com -force_https = googlemail.com -force_https = www.gmail.com -force_https = www.googlemail.com +force_https = re:^(api|www)\.intercom\.io$ +force_https = re:^(www\.)?gmail\.com$ +force_https = re:^(www\.)?googlemail\.com$ -- cgit 1.4.1-2-gfad0