This repository has been archived by the owner on Nov 15, 2017. It is now read-only.
It's a bit hard to explain. By default, HTTPS only blacklists "Frame" and whitelists "IMG" and "CSS". The rest are greylisted.
To reproduce the bug, blacklist "COOKIE" (for example) in the global scope (*). Then enable auto-create temporary site-level scope. Go to a random website and make changes to the matrix. Using the erase all rule (4 erasers button) the matrix will reset to blacklist "Frame", "COOKIE" and whitelist "IMG", "CSS". However using the erase for this scope (single eraser), the matrix will reset to blacklist "Frame" and whitelist "IMG", "CSS". "COOKIE" is back to greylisted instead of blacklisted.
Yes, for the purpose of consistency, I should remove all temporary rules, which means not only cookie should become graylisted, but also css, img and frame, since these are also temporary. These temporary rules were copied from global scope strictly for convenience when the scope was first created.
Edit: Currently the behavior you see is because I revert to default factory rules when there is no permanent scope counterpart, as seen here.
So the choices of fix are:
1. Clear all temporary rules, i.e. all become graylisted (consistent with the meaning of the eraser icon);
2. Clear all temporary rules and copy again the type-based rules from global scope to the temporary local scope (inconsistent with the meaning of the eraser icon)
3. Document clearly that the eraser "reset temporary rules to factory ones" (i.e. no fix required)
Edit: added third option for fix. Thinking more about it, I think 3 is the best compromise, I probably already went through all this in my head, hence why I implemented it this way.
Clear all temporary rules and copy again the type-based rules from global scope to the temporary local scope
Going with i. is rather inconvenient, and going with iii. is causing HTTPSB to behave against user expectation, especially when using HTTPSB in a RequestPolicy-like mode.
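A small model of the three reset behaviours listed in the thread, added here as an illustration and not taken from HTTP Switchboard's code. The rule objects, the function names and the sample `script` change are assumptions; the output shows which global blacklist entries each option drops from the site scope.

```javascript
// Hypothetical model of type-based matrix rules; not HTTP Switchboard's real structures.
// Factory defaults as stated in the report: frame blacklisted, img and css whitelisted.
const FACTORY = { frame: 'black', img: 'white', css: 'white' };

// Any type without an explicit rule is graylisted.
const colorOf = (rules, type) => rules[type] || 'gray';

// Auto-created temporary site scope: type rules are copied from the global scope.
function createTemporaryScope(globalRules) {
  return { ...globalRules };
}

// Candidate behaviours for the single eraser when no permanent scope exists.
const eraseScope = {
  clearAll: () => ({}),                                 // option 1: everything graylisted
  recopyGlobal: (globalRules) => ({ ...globalRules }),  // option 2: copy global rules again
  factory: () => ({ ...FACTORY }),                      // option 3: behaviour in the report
};

// Types blacklisted globally that are no longer blacklisted in the scope.
function lostBlocks(globalRules, scopeRules) {
  return Object.keys(globalRules)
    .filter((t) => globalRules[t] === 'black' && colorOf(scopeRules, t) !== 'black')
    .sort();
}

function demo() {
  // Constructed scenario: the user blacklists COOKIE in the global scope (*).
  const globalRules = { ...FACTORY, cookie: 'black' };
  const scope = createTemporaryScope(globalRules);
  scope.script = 'white'; // constructed matrix change made on the site

  const out = { before: colorOf(scope, 'cookie') };
  for (const [name, reset] of Object.entries(eraseScope)) {
    const after = reset(globalRules);
    out[name] = {
      cookie: colorOf(after, 'cookie'),
      script: colorOf(after, 'script'),
      lost: lostBlocks(globalRules, after),
    };
  }
  return out;
}

console.log(JSON.stringify(demo(), null, 2));
```

A check like `lostBlocks` can serve as a regression test for whichever option is chosen: a scope reset that returns a non-empty list has loosened a rule the user set globally.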