issue with removing legacy redirection methods
Posted: Mon Mar 28, 2016 3:53 pm
I need those to force cross-site requests to https on http sites for security reasons. Can you bring it back?
NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/
I used it just fine but in version 2.9.0.7 legacy redirection methods was removed and now i can't force cross-site requests to https on http-only sites. For example i can't force imdb.com to https, and i need allow connection to media-imdb.com (which is supports https) with requestpolicy so i can load stylesheet from there throughout secure conncection, so i put ia.media-imdb.com in "noscript options > advanced > https" and its force just fine, but now its not work, i need legacy redirection methods back.barbaz wrote:if you need to force https then just use:
noscript options > advanced > https
Its forces sites in "noscript options > advanced > https" to https when they is available in HTTP channels, but it was removed in 2907 to fix YouTube embedding problem.Thrawn wrote:I don't understand; what "legacy redirection methods" are you talking about?
Code: Select all
v 2.9.0.7
=============================================================
x [HTTPS] Removed legacy redirection methods when redirectTo()
is available in HTTP channels, fixing YouTube embedding
problemOh, i was wrong, its force https after all, request log from requestpolicy just can't determinate propely that now, i can see it force in browser console and developer tools, i didn't thought about checking it with those before.barbaz wrote:https://noscript.net/changelog#2.9.0.7NoScript 2.9.0.10rc1 here, forcing HTTPS works fine for me.Code: Select all
v 2.9.0.7 ============================================================= x [HTTPS] Removed legacy redirection methods when redirectTo() is available in HTTP channels, fixing YouTube embedding problem
What browser are you using where this doesn't work?
How are you determining that it doesn't work?