src/chrome/content/rules/Wikimedia.xml


<!--

	Wikipedia and other Wikimedia Foundation wikis previously had no real HTTPS support, and
	URLs had to be rewritten to https://secure.wikimedia.org/$wikitype/$language/ . This is no
	longer the case, see https://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wikimedia-foundation-wikis/ ,
	so this file is a lot simpler these days.

	Insecure cookies are set for these domains and hosts:

		- .wikibooks.org
		- wikidata.org
		- .wikidata.org
		- www.wikidata.org
		- .wikimediafoundation.org
		- .wikipedia.org
		- en.wikipedia.org
		- .wikiversity.org


-->
<ruleset name="Wikimedia">

	<target host="enwp.org" />
	<target host="frwp.org" />

	<!-- Wikimedia Tool Labs -->
	<target host="*.wmflabs.org" />
	<target host="wmflabs.org" />
		<test url="http://accounts-dev.wmflabs.org/" />
		<test url="http://tools.wmflabs.org/" />
		<test url="http://paws.wmflabs.org/" />
		<test url="http://utrs.wmflabs.org/" />
		<test url="http://xtools.wmflabs.org/" />
		<test url="http://en.wikipedia.beta.wmflabs.org/" />

	<!-- Wikimedia chapters that support HTTPS, incomplete list -->

	<target host="wikimedia.ch" />
	<target host="*.wikimedia.ch" />
		<test url="http://www.wikimedia.ch/" />
		<test url="http://glam.wikimedia.ch/" />
		<test url="http://intern.wikimedia.ch/" />
		<test url="http://members.wikimedia.ch/" />
		<test url="http://portal.wikimedia.ch/" />
		<test url="http://test.wikimedia.ch/" />
		<test url="http://upload-www.wikimedia.ch/" />

	<!-- wikimedia.cz uses an invalid certificate, redirecting to www -->
	<target host="wikimedia.cz" />
	<target host="www.wikimedia.cz" />
	<target host="lists.wikimedia.cz" />
	<target host="tracker.wikimedia.cz" />
	<!--
		Known subdomains not supporting HTTPS or using an invalid certificate:
			* blog.wikimedia.cz
			* ceny.wikimedia.cz
			* chu.wikimedia.cz
			* facebook.wikimedia.cz
			* seniori.wikimedia.cz
			* studenti.wikimedia.cz
			* twitter.wikimedia.cz
	-->

	<target host="wikimedia.de" />
	<target host="*.wikimedia.de" />
		<!-- mismatch on tools.wikimedia.de -->
		<exclusion pattern="^http://tools\.wikimedia\.de/" />
			<test url="http://tools.wikimedia.de/" />
		<!-- incomplete cert chain on civicrm.wikimedia.de -->
		<exclusion pattern="^http://civicrm\.wikimedia\.de/" />
			<test url="http://civicrm.wikimedia.de/" />
		<test url="http://www.wikimedia.de/" />
		<test url="http://spenden.wikimedia.de/" />
		<test url="http://test.wikimedia.de/" />
		<test url="http://backend.wikimedia.de/" />
		<test url="http://ffw.wikimedia.de/" />
		<test url="http://wke.wikimedia.de/" />
		<test url="http://redmine.wikimedia.de/" />
		<test url="http://blog.wikimedia.de/" />

	<target host="wikimedia.es" />
	<target host="*.wikimedia.es" />
		<test url="http://www.wikimedia.es/" />
		<test url="http://blog.wikimedia.es/" />
		<test url="http://listas.wikimedia.es/" />
		<test url="http://servidor.wikimedia.es/" />
	<target host="wikilov.es" />
	<target host="www.wikilov.es" />

	<!-- (www.)wikimedia.or.id uses invalid certificate
	<target host="wikimedia.or.id" />
	<target host="www.wikimedia.or.id" />
	-->

	<target host="wikimedia.org.au" />
	<!-- All subdomains *.wikimedia.org.au use an invalid security certificate. -->

	<target host="wikimedia.org.il" />
	<target host="www.wikimedia.org.il" />
	<!--
		blog.wikimedia.org.il uses an invalid security certificate.
		The certificate is only valid for www.wikimedia.org.il and wikimedia.org.il.
	-->

	<target host="wikimedia.org.uk" />
	<target host="blog.wikimedia.org.uk" />
	<target host="donate.wikimedia.org.uk" />
	<target host="office.wikimedia.org.uk" />
	<target host="tech.wikimedia.org.uk" />
	<target host="www.wikimedia.org.uk" />
	<!--
		Known subdomains not supporting HTTPS or using an invalid certificate:
			* en.qrwp.wikimedia.org.uk
			* lists.wikimedia.org.uk
			* qrpedia.wikimedia.org.uk
			* qrwp.wikimedia.org.uk (redirects to qrpedia.org)
	-->

	<!-- Deprecated hosts -->
	<target host="toolserver.org" />
	<target host="www.toolserver.org" />

	<!--	Not secured by server: -->
	<!--securecookie host="^(?:www\.)?wikidata\.org$" name="^WMF-Last-Access$" /-->
	<!--securecookie host="^en\.wikipedia\.org$" name="^(CentralAuthAnon|mediaWiki\.user\.sessionId|uls-previous-languages)$" /-->

	<securecookie host="^(?:www\.)?mediawiki\.org$" name=".+" />
	<securecookie host="^\.wik(?:ibooks|idata|imedia|imediafoundation|inews|ipedia|iquote|isource|iversity|ivoyage|tionary)\.org$" name="^GeoIP$" />
	<securecookie host="^(?:[^@:/]+\.)?wik(?:ibooks|idata|inews|ipedia|iquote|isource|iversity|ivoyage|tionary)\.org$" name=".+" />
	<securecookie host="^(?:species|commons|meta|incubator|wikitech)\.wikimedia\.org$" name=".+" />
	<securecookie host="^wikimediafoundation\.org$" name=".+" />

	<rule from="^http://(en|fr)wp\.org/"
		to="https://$1.wikipedia.org/wiki/" />

	<rule from="^http://wikimedia\.cz/"
		to="https://www.wikimedia.cz/" />

	<rule from="^http://www\.wikimedia\.org\.uk/"
		to="https://wikimedia.org.uk/" />

	<rule from="^http:"
		to="https:" />
</ruleset>