Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop TLD from URL shortcut, add theintercept.com #3

Merged
merged 7 commits into from
Apr 27, 2020
Merged

Drop TLD from URL shortcut, add theintercept.com #3

merged 7 commits into from
Apr 27, 2020

Conversation

emkll
Copy link
Contributor

@emkll emkll commented Apr 24, 2020
edited
Loading

Closes #2

Per #2 (comment) , updates the naming scheme and adds The Intercept to the ruleset.

Test plan

  1. Open Tor Browser
  2. Type about:addons in the URL bar
  3. Click "HTTPS Everywhere"
  4. Click "Preferences"
  5. Click "Update Channels"
  6. Type "SecureDrop” and click "Add Update Channel"
  7. In JWK section, add release key (release-pubkey.jwk )
  8. In path prefix, add https://raw.githubusercontent.com/freedomofpress/securedrop-https-everywhere-ruleset/2-update-rules/
  9. Click update
  • You see "Stored rulesets version: 2020.4.27" appear
  • lucyparsonslabs.com.securedrop.tor.onion and lucyparsonslabs.securedrop.tor.onion should redirect you to http://qn4qfeeslglmwxgb.onion/
  • theintercept.securedrop.tor.onion should redirect you to http://xpxduj55x2j27l2qytu2tcetykyfxbjbafin3x4i3ywddzphkbrd3jyd.onion/
  • Other changes introduced here make sense

emkll added 6 commits April 23, 2020 10:17
@emkll
requirements.txt -> requirements.in
395fb85
@emkll
Add pip-tools to dev requirements, pin versions and hashes
30f6de4 
Update README to specify --require-hashes and --no-deps when pip installing to avoid downloading transive dependencies without version/hash pinning
@emkll
Drop TLD from onion URL shortcut
c5ab74a 
- https://news.com should have SecureDrop URL news.securedrop.tor.onion instead of news.com.securedrop.onion
- org_url + securedrop_tld = securedrop_redirect_url
- Also remove trailing newline from onboarded org url string
@emkll
Update url for existing instances
fa43902 
And preserve old lucyparsonslab.com
@emkll
Add theintercept.com
94f6fc9
@emkll
Add public.pem to gitignore
737d922 
This is the intermediate public key generated by make test-key
@emkll emkll requested a review from redshiftzero April 24, 2020 15:24
@redshiftzero
Copy link
Contributor

This looks great - all checks in the test plan LGTM. Sign away!

@emkll emkll marked this pull request as ready for review April 27, 2020 16:34
@emkll
Copy link
Contributor Author

emkll commented Apr 27, 2020

This is now ready for final review. I have deleted the old rulesets and their associated signatures. I assume they are used only for roll back and auditing purposes. Since we are preserving these it git history, it will help keep this repo cleaner at the cost of manual deletion work.

redshiftzero
redshiftzero approved these changes Apr 27, 2020
View reviewed changes
Copy link
Contributor

@redshiftzero redshiftzero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @emkll!

@redshiftzero redshiftzero merged commit b001ca3 into master Apr 27, 2020
@redshiftzero redshiftzero deleted the 2-update-rules branch April 27, 2020 17:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@redshiftzero redshiftzero redshiftzero approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Start populating ruleset on an opt-in basis
2 participants
@emkll @redshiftzero