EFForg · J0WI · Sep 16, 2017 · Aug 27, 2017 · Aug 27, 2017 · Aug 27, 2017
diff --git a/src/chrome/content/rules/USA_Today.com-problematic.xml b/src/chrome/content/rules/USA_Today.com-problematic.xml
diff --git a/src/chrome/content/rules/USA_Today.xml b/src/chrome/content/rules/USA_Today.xml
@@ -1,114 +1,40 @@
-
 <!--
-Disabled by https-everywhere-checker because:
-Fetch error: http://onlinestore.usatoday.com/ => https://onlinestore.usatoday.com/: (51, "SSL: no alternative certificate subject name matches target host name 'onlinestore.usatoday.com'")
-
-	For problematic rules, see USA_Today.com-problematic.xml.
-
 	For other Gannett Company coverage, see Gannett-Company.xml.
 
+	Note: usatoday.com has a wildcard DNS record.
 
-	CDN buckets:
-
-		- css.usatoday.com.edgesuite.net
-		- images.usatoday.com.edgesuite.net
-		- usatoday30.usatoday.com.edgesuite.net
-		- www.usatoday.com.edgesuite.net
-
-
-	Nonfunctional domains:
-
-		- crosswords.usatoday.com ¹
-		- css.usatoday.com ²
-		- ee.usatoday.com ²
-		- games.usatoday.com ³
-		- images.usatoday.com ²
-		- puzzles.usatoday.com ³
-		- usatoday30.usatoday.com ²
-		- video-network.usatoday.com ¹
-
-	¹ Refused
-	² 503, akamai
-	³ Dropped
-
-
-	 Problematic subdomains:
-
-		- ^ ¹
-		- college ²
-		- reg.e ³
-		- onlinestore ⁴
-		- static ⁵
-		- www ⁵
-
-	¹ Refused
-	² WordPress
-	³ ExactTarget
-	⁴ Nexternal
-	⁵ Akamai
-
-
-	Partially covered subdomains:
-
-		- (www.)? ¹	(^ → a248.e.akamai.net)
-		- onlinestore ²
+	Dropped:
+		- ^ (fixed by this ruleset)
+		- crosswords
+		- games
+		- puzzles
 
-	¹ Avoiding user-visible paths
-	² Pages redirect to http
-
-
-	Fully covered subdomains:
-
-		- offers
-		- portfoliotracker
-		- service
-		- videos
-
-
-	Mixed content:
-
-		- iframes, on:
-
-			- reg.e, static from www ¹
-			- www from api.recaptcha.net ²
-
-		- css, on:
-
-			- reg.e from css ⁴
-			- static from gannettdigital-static-web.s3.amazonaws.com ²
-			- reg.e, static, www from www.gannett-cdn.com ²
-
-		- Images, on:
-
-			- college from scontent-\w.cdinstagram.com ²
-			- www from www.gannett-cdn.com ³
-			- www from i.usatoday.net ⁴
-
-	¹ Not secured by us <= generates links to a248.e.akamai.net <= embeds self-relative links
-	² Secured by us
-	³ Some secured by us; others unsecurable <= 503
-	⁴ Unsecurable <= 503
+	Mismatched:
+		- ee (a248.e.akamai.net)
+		- reg.e (gannett.com)
+		- onlinestore (*.nexternal.com)
 
+	Redirect to HTTP:
+		- college
 -->
-<ruleset name="USA Today.com (partial)" default_off='failed ruleset test'>
 
-	<target host="onlinestore.usatoday.com" />
+<ruleset name="USA Today.com">
+	<target host="usatoday.com" />
+	<target host="www.usatoday.com" />
+	<target host="css.usatoday.com" />
+	<target host="images.usatoday.com" />
 	<target host="offers.usatoday.com" />
 	<target host="portfoliotracker.usatoday.com" />
 	<target host="service.usatoday.com" />
+	<target host="static.usatoday.com" />
+	<target host="usatoday30.usatoday.com" />
+	<target host="video-network.usatoday.com" />
 	<target host="videos.usatoday.com" />
-		<!--
-			news/ points links to akamai.net/$
-
-			global-plain.css links to resources relative to /
-
-		<exclusion pattern="^http://www\.usatoday\.com/(?:global-plain\.css|news/)" /-->
-
 
-	<rule from="^http://onlinestore\.usatoday\.com/Net/"
-		to="https://www.nexternal.com/Net/" />
+	<target host="usatodayw7vu5egc.onion" />
 
-	<rule from="^http:"
-		to="https:" />
+	<securecookie host=".+" name=".+" />
 
+	<rule from="^http://usatoday\.com/" to="https://www.usatoday.com/" />
+	<rule from="^http:" to="https:" />
 </ruleset>