Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
152 lines (120 sloc) 5.39 KB
<!--
This ruleset aims to cover all sites in the Stackexchange family
Problematic domains:
- www.stackapps.com ==> Mismatched
- mathoverflow.com ==> No response (only a redirect to mathoverflow.net anyway)
- meta.*.stackexchange.com ==> Mismatched (now *.meta.stackexchange.com)
- blog.* ==> Mixed Active Content
- discuss.area51.stackexchange.com ==> Mismatched
-->
<ruleset name="Stack Exchange">
<!-- Askubuntu -->
<target host="askubuntu.com" />
<target host="www.askubuntu.com" />
<target host="meta.askubuntu.com" />
<!-- Blogoverflow -->
<target host="blogoverflow.com" />
<target host="www.blogoverflow.com" />
<!-- Mathoverflow -->
<target host="mathoverflow.net" />
<target host="www.mathoverflow.net" />
<target host="meta.mathoverflow.net" />
<!-- Serverfault -->
<target host="meta.serverfault.com" />
<target host="serverfault.com" />
<!-- Stackauth -->
<target host="stackauth.com" />
<target host="dev.stackauth.com" />
<!-- Stackexchange -->
<target host="stackexchange.com" />
<target host="*.stackexchange.com" />
<!-- This wildcard covers 125 subdomains -->
<test url="http://academia.stackexchange.com/" />
<test url="http://crypto.stackexchange.com/" />
<test url="http://reverseengineering.stackexchange.com/" />
<test url="http://unix.stackexchange.com/" />
<test url="http://writers.stackexchange.com/" />
<!-- gaming blog causes certificate mismatch errors -->
<exclusion pattern="^http://blog\.gaming\.stackexchange\.com"/>
<test url="http://blog.gaming.stackexchange.com/" />
<!-- this causes login issues on area51. See:
- https://area51.meta.stackexchange.com/questions/13597/area-51-openid-login-is-broken-with-https/27726
- https://github.com/EFForg/https-everywhere/issues/14452
- https://meta.stackexchange.com/questions/292058/network-wide-https-its-time/306308#306308
-->
<exclusion pattern="^http://area51\.stackexchange\.com/users/authenticate/\?s=" />
<test url="http://area51.stackexchange.com/users/authenticate/?s=" />
<test url="http://area51.stackexchange.com/users/authenticate/?s=11111111-1111-1111-1111-111111111111" />
<!-- Stackoverflow -->
<target host="stackoverflow.com" />
<target host="www.stackoverflow.com" />
<target host="chat.stackoverflow.com" />
<target host="careers.stackoverflow.com" />
<target host="email.stackoverflow.com" />
<target host="ja.stackoverflow.com" />
<target host="meta.stackoverflow.com" />
<target host="pt.stackoverflow.com" />
<target host="ru.stackoverflow.com" />
<target host="blog.stackoverflow.com" />
<target host="stackoverflow.blog" />
<target host="www.stackoverflow.blog" />
<target host="stackoverflow.email" />
<!-- Superuser -->
<target host="superuser.com" />
<target host="www.superuser.com" />
<target host="meta.superuser.com" />
<!-- Misc -->
<target host="sstatic.net" />
<target host="cdn.sstatic.net" />
<target host="cdn-chat.sstatic.net" />
<target host="stackapps.com" />
<target host="teststackoverflow.com" />
<target host="www.teststackoverflow.com" />
<!-- Securecookies -->
<!-- Blogoverflow -->
<securecookie host="^blogoverflow\.com$" name=".+" />
<!-- Askubuntu -->
<securecookie host="^askubuntu\.com$" name=".+" />
<securecookie host="^meta\.askubuntu.com$" name=".+" />
<!-- Mathoverflow -->
<securecookie host="^mathoverflow\.net$" name=".+" />
<securecookie host="^meta\.mathoverflow.net$" name=".+" />
<!-- Serverfault -->
<securecookie host="^clc\.serverfault\.com$" name=".+" />
<securecookie host="^meta\.serverfault\.com$" name=".+" />
<securecookie host="^serverfault\.com$" name=".+" />
<!-- Stackauth -->
<securecookie host="^stackauth\.com$" name=".+" />
<securecookie host="^dev\.stackauth\.com$" name=".+" />
<!-- Stackexchange -->
<securecookie host="^stackexchange\.com$" name=".+" />
<securecookie host="^([\w-]+)\.stackexchange\.com$" name=".+" />
<!-- Stackoverflow -->
<securecookie host="^chat\.stackoverflow\.com$" name=".+" />
<securecookie host="^careers\.stackoverflow\.com$" name=".+" />
<securecookie host="^ja\.stackoverflow\.com$" name=".+" />
<securecookie host="^meta\.stackoverflow\.com$" name=".+" />
<securecookie host="^pt\.stackoverflow\.com$" name=".+" />
<securecookie host="^ru\.stackoverflow\.com$" name=".+" />
<securecookie host="^stackoverflow\.com$" name=".+" />
<!-- Superuser -->
<securecookie host="^superuser\.com$" name=".+" />
<securecookie host="^meta\.superuser\.com$" name=".+" />
<!-- Misc -->
<securecookie host="^sstatic\.net$" name=".+" />
<securecookie host="^cdn\.sstatic\.net$" name=".+" />
<securecookie host="^cdn-chat\.sstatic\.net$" name=".+" />
<securecookie host="^stackapps\.com$" name=".+" />
<securecookie host="^teststackoverflow\.com$" name=".+" />
<!-- Rules -->
<!-- meta.* sites moved to *.meta - we can safely redirect to their new equivalents, which support https -->
<!-- details: https://meta.stackexchange.com/questions/292058/network-wide-https-its-time -->
<rule from="^http://meta\.([\w-]+)\.stackexchange\.com/" to="https://$1.meta.stackexchange.com/" />
<test url="http://meta.unix.stackexchange.com/" />
<test url="http://meta.opendata.stackexchange.com/" />
<rule from="^http://discuss\.area51\.stackexchange\.com/"
to="https://area51.meta.stackexchange.com/" />
<test url="http://discuss.area51.stackexchange.com/" />
<test url="http://discuss.area51.stackexchange.com/users/19476/kronos" />
<rule from="^http:" to="https:" />
</ruleset>
You can’t perform that action at this time.