Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 63 lines (45 sloc) 2.192 kb
99c7d5f automatically generate HTTPS Everywhere rules from Chromium's HSTS list!
Seth Schoen authored
1 #!/usr/bin/env python
2
3 # autogenerate sample versions of rules from Chromium browser's HSTS
4 # preload list (in the from-preloads/ directory)
5
6 import urllib2, re, glob, os
07ba682 new upstream URL for Chromium HSTS preloads
Seth Schoen authored
7 preloads = urllib2.urlopen("https://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state_static.h?content-type=text%2Fplain").read()
99c7d5f automatically generate HTTPS Everywhere rules from Chromium's HSTS list!
Seth Schoen authored
8
9 def escape(s):
10 return re.sub("\.", "\\.", s)
11
12 def make_rule(name, hosts):
13 output = """<!-- This rule was automatically generated based on an HSTS
14 preload rule in the Chromium browser. See
07ba682 new upstream URL for Chromium HSTS preloads
Seth Schoen authored
15 https://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state_static.h
99c7d5f automatically generate HTTPS Everywhere rules from Chromium's HSTS list!
Seth Schoen authored
16 for the list of preloads. Sites are added to the Chromium HSTS
17 preload list on request from their administrators, so HTTPS should
18 work properly everywhere on this site.
19
20 Because Chromium and derived browsers automatically force HTTPS for
21 every access to this site, this rule applies only to Firefox. -->\n"""
22 output += '<ruleset name="%s" platform="firefox">\n' % name.capitalize()
23 for h in hosts:
24 output += '<target host="%s" />\n' % h
25
26 output += "\n"
27
28 for h in hosts:
29 output += '<securecookie host="^%s$" name=".+" />\n' % escape(h)
30
31 output += "\n"
32
33 for h in hosts:
34 output += '<rule from="^http://%s/" to="https://%s/" />\n' % (escape(h), h)
35
36 output += "</ruleset>\n"
37 open("from-preloads/%s.xml" % name.capitalize(), "w").write(output)
38
39 t = re.compile('", true')
40 preloads = filter(t.search,preloads.split("\n"))
41
42 preloads = [x.split('"')[1] for x in preloads]
43 preloads = [re.sub('\\\\[0-9]*', '.', x) for x in preloads]
44 preloads = [re.sub('^\.', '', x) for x in preloads]
45
46 rules = [open(x).read() for x in glob.glob("src/chrome/content/rules/*.xml")]
47
48 d = {}
49 for x in preloads:
50 if any(map(re.compile(x).search, rules)):
51 print "Ignored existing domain", x
52 continue
53 domain = ".".join(x.split(".")[-2:])
54 d.setdefault(domain, []).append(x)
55
56 if not os.access("from-preloads", 0):
57 os.mkdir("from-preloads")
58
59 for k in d:
60 make_rule(k, d[k])
61
62 print "Please examine %d new rules in from-preloads/ directory." % len(d)
Something went wrong with that request. Please try again.