现在的电信劫持广告都上了 https 了。。

2017-09-27 00:52:30 +08:00
 sola97

本来是路由器开网址过滤广告基本没有了,没想到现在换成 https 又来了
9677 次点击
所在节点    宽带症候群
12 条回复
sola97
2017-09-27 00:59:42 +08:00
oh
2017-09-27 02:10:02 +08:00
吓得我以为连 https 的都可以劫持了…
网易为啥不上 https 呢…
miaomiao888
2017-09-27 03:46:59 +08:00
吓得我以为连 https 的都可以劫持了…
popkara
2017-09-27 08:35:35 +08:00
@miaomiao888 Https 是不可能劫持的,这个要是劫持了问题可比几个广告厉害多了。
Tokin
2017-09-27 10:26:16 +08:00
可能劫持 A 怕被劫持 B 再劫持一刀吧。。。所以上了 https,哈哈哈
FlyingLion
2017-09-28 02:00:29 +08:00
#ShenZhenShiDingChengChuangTouHuLianWangJinRongFuWuYouXianGongSi's ADs
#深圳市鼎诚创投互联网金融服务有限公司
address=/dcct8.cn/127.255.255.255
address=/dcct8.com/127.255.255.255

#Yue Yu's ADs
#岳宇
address=/zhouyi1.com/127.255.255.255
address=/lvehaisen.com/127.255.255.255
address=/yiyuya.com/127.255.255.255
address=/yuyiya.com/127.255.255.255
address=/dwaed.com/127.255.255.255

#BeiJingYiMaZaiXianKeJiYouXianGongSi's ADs
#北京亿玛在线科技股份有限公司
address=/yiqifa.com/127.255.255.255
address=/emar.com.cn/127.255.255.255
address=/gouwuke.com/127.255.255.255
address=/eqiso.com/127.255.255.255
address=/yiqiso.com/127.255.255.255
address=/eqifa.com/127.255.255.255
address=/gouwubang.com/127.255.255.255
address=/eqigou.com/127.255.255.255
address=/adhudong.com/127.255.255.255
address=/hudongad.com/127.255.255.255
address=/yigao.com/127.255.255.255
coolcoffee
2017-09-28 16:58:44 +08:00
网易家是买不起证书吗? 貌似没见过网易家有 https 的
meteor
2017-09-30 17:54:43 +08:00
@coolcoffee 不是买不起,是不想买。证书免费的现在都有的。
tomhuang
2017-10-02 08:50:44 +08:00
@coolcoffee
网易的邮箱一直都有 ssl
coolcoffee
2017-10-02 13:03:23 +08:00
@tomhuang https://mail.163.com/ , 登陆界面 https 重定向到 http, 然后登陆以后手动改协议才能用 https,而且还引用了非 https 资源导致锁不是绿色的。
dfly0603
2017-10-03 12:58:44 +08:00
coolcoffee
2017-10-04 23:38:30 +08:00
@dfly0603 会重定向到 http 的,这和没有有什么区别?

➜ ~ curl https://yys.163.com/m/ -v
* Trying 101.227.102.199...
* TCP_NODELAY set
* Connected to yys.163.com (101.227.102.199) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=CN; ST=Zhejiang; L=Hangzhou; O=NetEase (Hangzhou) Network Co., Ltd; OU=Game Dept; CN=yys.163.com
* start date: Dec 8 00:00:00 2016 GMT
* expire date: Dec 8 23:59:59 2018 GMT
* subjectAltName: host "yys.163.com" matched cert's "yys.163.com"
* issuer: C=US; O=GeoTrust Inc.; CN=GeoTrust SSL CA - G3
* SSL certificate verify ok.
> GET /m/ HTTP/1.1
> Host: yys.163.com
> User-Agent: curl/7.54.0
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 301 Moved Permanently
< Server: Cdn Cache Server V2.0
< Date: Wed, 04 Oct 2017 15:36:10 GMT
< Content-Length: 0
< Location: http://yys.163.com/
<
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/393918

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX