HomePhabricator

Add HSTS preload for wikipedia.org, refactor related regexes

Authored by BBlack.

Description

Add HSTS preload for wikipedia.org, refactor related regexes

At this point, all but one of our unified cert domains are "clean"
in that they have no subdomains that don't match the certs to
worry about. The odd man out is just wikimedia.org now, which
still needs a special match to only catch the exact hostnames
matching the cert.

This patch aligns the primary regexes for TLS redirects and HSTS
preload to be identical and match any hostname ending in any of
our unified-cert domains other than wikimedia.org.

wikimedia.org is moved to a separate clause for redirects, and
takes the default in the HSTS case (no preload/includesub).

Bug: T104244
Change-Id: If57e7110b6ec23abe26b2ecb3027017b073fa8a8

Details

Committed
BBlackJul 28 2015, 4:54 PM
Parents
rOPUP4f4d446d3460: cassandra: add restbase1007
Branches
Unknown
Tags
Unknown
References
refs/changes/55/227455/4
ChangeId
If57e7110b6ec23abe26b2ecb3027017b073fa8a8