HTTPS Everywhere Atlas

Embedded content loaded from third-party domains (for example, YouTube, Google Analytics, ad networks, or CDNs) may also be affected. You can test this by loading the web page in question in a browser with HTTPS Everywhere installed and pulling down the HTTPS Everywhere rules menu. This will show a list of HTTPS Everywhere rules that were applied as the page was loaded, including rules that might have affected embedded content from other domains.

The stable (as yet unreleased) branch contains the following rule that is enabled by default:

<!--
	Other Microsoft rulesets:
		- Acik_Akademi.com.xml
		- Afx.ms.xml
		- AKA.ms.xml
		- ASP.NET.xml
		- ASPNETcdn.com.xml
		- Azure.com.xml
		- AzurecomCDN.net.xml
		- Azure_websites.net.xml
		- Bing.xml
		- Bing.net.xml
		- Bing_Places.com.xml
		- Ch9.ms.xml
		- Codeplex.xml
		- Digital_WPC.com.xml
		- DreamSpark.com.xml
		- Dynamics.com.xml
		- Get_Tag.mobi.xml
		- Gfx.ms.xml
		- Halo.xml
		- Hotmail.co.jp.xml
		- Hotmail.co.uk.xml
		- Hotmail.com.xml
		- How-Old.net.xml
		- Live.xml
		- Live.net.xml
		- Live_filestore.com.xml
		- Microsoft-Atlas.xml
		- Microsoft_Online-p.com.xml
		- Microsoft_Online-p.net.xml
		- Microsoft_Online_Services.xml
		- Microsoft_Studios.com.xml
		- Microsoft_Translator.com.xml
		- Microsoft_Ventures.com.xml
		- Microsoft_Store.xml
		- Modern.IE.xml
		- Moreinterop.com.xml
		- MSDN.xml
		- Msecnd.net.xml
		- MSN.xml
		- MyMoustache.net.xml
		- Newsvine.com.xml
		- Office.com.xml
		- Office.net.xml
		- Office365.com.xml
		- OneDrive.com.xml
		- OneNote.com.xml
		- OneNote.net.xml
		- Onestore.ms.xml
		- Outlook_Live.xml
		- Photosynth.xml
		- PowerShell_Gallery.com.xml
		- Sfx.ms.xml
		- Skype_assets.com.xml
		- S-Microsoft.com.xml
		- S-msn.com.xml
		- So.cl.xml
		- Surface.com.xml
		- System_Center_Advisor.com.xml
		- Technet.com.xml
		- Technical_Community.com.xml
		- Translatoruser.net.xml
		- TwinsOrNot.Net.xml
		- VSIP_Program.com.xml
		- Virtualearth.net.xml
		- Visual_Studio.com.xml
		- WLxrs.com.xml
		- WPdev.ms.xml
		- Windows_Azure.xml
		- Windows.com.xml
		- Windows.net.xml
		- Windows_Phone.xml
		- Xbox.xml
		- Xbox_Live.com.xml
		- Yammer.xml


	CDN buckets:
		- i.g.mobile.ms.akadns.net	← i1.mobile.microsoft.com
		- i.g.social.ms.akadns.net	← i1.social.s-msft.com
		- res.windows.microsoft.com.edgesuite.net	← res2.windows.microsoft.com
		- wscont.apps.microsoft.com.edgesuite.net	← wscont[12].apps.microsoft.com
		- az12410.vo.msecnd.net
		- az373151.vo.msecnd.net	(used on imaginecup.com)
		- msstore.vo.msecnd.net
		- officeimg.vo.msecnd.net
	msnportalmobileisv.112.2o7.net


	Nonfunctional domains:
		- www.buildmypinnedsite.com
		- (www.)imaginecup.com ***
		- compete.imaginecup.com ***
		- microsoft.com subdomains:
			- adcenter (timeout)
			- www.bingads                  ᴹ
			- advertising.bingads          ᴹ
			- accountservices              ᴱ
			- cv1-1.am.bingads             ᴹ
			- adinsight.bcp.api.bingads    ᴹ
			- audience-si.bingads          ᴿ
			- ch1-c1.maf.api.bingads       ᴹ
			- audience.bingads             ᴹ
			- ui.bcp.bingads               ᴱ
			- internal.bc.bingads          ʳ
			- resources.bc.bingads         ʳ
			- adinquiry.bcp.bingads        ᴹ
			- secure.bcp.bingads           ᴹ
			- secure.beta.bingads          ᴹ
			- cam.bingads (timeout)
			- community.bingads            ᴹ
			- secure.eu.bingads            ᴹ
			- beta.express.bingads         ʳ
			- fd.bingads                   ᴹ
			- help.bingads                 ᴵ
			- internal.main.bingads        ᴿ
			- secure.main.bingads          ᴹ
			- express.next.bingads         ʳ
			- internal.next.bingads        ʳ
			- resources.next.bingads       ᴿ
			- nirvana.bingads              ᴿ
			- planner-int.bingads (timeout)
			- express.perf.bingads         ʳ
			- reportingapi.bingads         ᴿ
			- download.reportingapi.bingadsᴿ
			- si.bingads                   ᴹ
			- listmanager.beta.si.bingads  ᴱ
			- listmanager.si.bingads       ᴱ
			- c1_maf.api.si.bingads        ʳ
			- maf.api.si.bingads           ʳ
			- c1_download.api.si.bingads   ᴹ
			- c2_download.api.si.bingads   ᴹ
			- adinquiry.beta.si.bingads    ʳ
			- express.beta.si.bingads      ᴹ
			- help.beta.si.bingads         ʳ
			- irt.beta.si.bingads          ʳ
			- ccmt.si.bingads              ᴹ
			- editorialentitytracking.si.bingads ᴿ
			- irt.si.bingads               ʳ
			- reporting.si.bingads         ᴹ
			- secure.si.bingads            ᴹ
			- express.tip.bingads          ᴹ
			- innovation.connect  (redirects to connect.microsoft.com)
			- services.connect	  ᴹ
			- silverlight.dlservice *
			- web.esd *		      (esd, origin, origin-web, and web don't exist)
			- widgets.membership  ᴹ
			- apisandbox.msdn (expired)
			- samples.msdn        ᴿ
			- visualstudiogallery.msdn	(redirects to http, valid cert)
			- msevents (timeout)
			- logobuilder.mspartner ᴱ
			- mymfe               ʳ
			- news			(Redirects to http)
			- oem                 ᴿ
			- onlinehelp          ᴿ
			- i[1-3]?.onlinehelp  *
			- outlook ***
			- readytogo           ᴱ
			- academic.research ***
			- sharepoint		(redirects to login.live.com, cert valid)
			- signature         (expired)
			- services.social (cert-chain)
			- i1.services.social (cert-chain)
			- i2.services.social (cert-chain)
			- i3.services.social (cert-chain)
			- i4.services.social (cert-chain)
			- fud.community.services.support (ssl-error)
			- sysdev (ssl-error)
			- tag.microsoft.com   ᴿ
			- i1.gallery.technet  ᴹ
			- edir.windowsm		(404)
			- visio **
			- (www.)windows **
		- msimg.com
		- blog.surface.com		(handshake fails)
		- (www.)windowsteamblog.com
	ᴱ Expired
	ʳ Reset
	ᴿ Refused
	ᴹ Mismatch
	ᴵ Incomplete certificate chain
	* 503, akamai
	** 404, cert valid
	*** Times out


	Problematic domains:

		- microsoft.com subdomains:
			- ^			(mismatched, CN: *.microsoft.com)
			- (www.)? ¹
			- feedback.adcenter	(Dropped)
			- fp.advertising ⁴
			- apps			(works; mismatched, CN: *.apps.microsoft.com)
			- wscont[12].apps	(works, akamai)
			- i[1-4].connect *
			- silverlight.dlservice **
			- i\d **
			- ie	(mismatched, CN: *.azurewebsites.net)
			- i1.mobile **
			- i[1-4].code.msdn	(Mismatched)
			- i[23]?.msdn **
			- office365		(Dropped)
			- scache **
			- search **
			- spcache		(504, akamai)
			- img3.store		(mismatched)
			- i[23]?.technet **
			- social.technet
			- update *
			- www.update		(Untrusted root)
			- windowsupdate		(mismatched, untrusted root)
			- v[45].windowsupdate	(mismatched, untrusted root)
			- windows *
			- res[1-4].windows **

		- compass.surface.com **

	¹ Sets HSTS, thereby breaking oem/; however, Microsoft's website links to https://www....
	* Cert only matches www
	** akamai
	⁴ 404
	⁷ Mixed css from i3.technet.microsoft.com and i1.social.s-msft.com


	Partially covered microsoft.com subdomains:

		- learning ¹
		- snackbox		(→ learning.microsoft.com)
		- social.technet *
		- res[12].windows ³	(→ akamai)

	¹ Some pages redirect to http
	* Avoiding false/broken MCB
	³ Attempting to avoid breaking Silverlight: https://github.com/EFForg/https-everywhere/issues/2274#issuecomment-122752763


	m, mobile: Dropped over http & https

	Insecure cookies are set for these domains and hosts: ᶜ

		- .microsoft.com
		- account.microsoft.com
		- .bingads.microsoft.com
		- advertise.bingads.microsoft.com
		- careers.microsoft.com
		- choice.microsoft.com
		- connect.microsoft.com
		- info.microsoft.com
		- learning.microsoft.com
		- mbs.microsoft.com

		- msdn.microsoft.com
		- apisandbox.msdn.microsoft.com
		- .apisandbox.msdn.microsoft.com
		- code.msdn.microsoft.com
		- lab.msdn.microsoft.com
		- visualstudiogallery.msdn.microsoft.com

		- mspartner.microsoft.com
		- logobuilder.mspartner.microsoft.com

		- news.microsoft.com
		- .news.microsoft.com
		- training.partner.microsoft.com
		- gallery.technet.microsoft.com
		- social.technet.microsoft.com
		- support.microsoft.com
		- support2.microsoft.com
		- sxp.microsoft.com

	ᶜ See https://owasp.org/index.php/SecureFlag


	Mixed content:
		- css, on:
			- onlinehelp from i3.onlinehelp            *
			- social.technet from i3.technet           *
			- social.technet from i1.social.s-msft.com *
		- Fonts on careers from i.s-microsoft.com      *
		- Images, on:
			- blogs from mscorp.blob.core.windows.net  *
			- news from mscorpnews.blob.core.windows.net
			- onlinehelp from i.onlinehelp             *
			- support from $self                       *
			- smallbusiness.support from support
			- smallbusiness.support from www           *
			- social.technet from i1.social.s-msft.com *
			- sxp from az648995.vo.msecnd.net
			- sxp from blogs.technet.com
		- Bugs, on:
			- msdn from msstonojsmsdn.112.2o7.net       *
			- technet from msstonojstechnet.112.2o7.net *
			- social.technet from msstonojssocial.112.2o7.net *
			- careers, msdn, logobuilder.mspartner, pinpoint, technet, social.technet from m.webtrends.com
			- sxp from blogs.technet.com
	* Secured by us, see https://www.paulirish.com/2010/the-protocol-relative-url/
--><ruleset name="Microsoft.com (partial)">

	<!--	Direct rewrites:
				-->
	<target host="account.microsoft.com"/>
	<target host="advertising.microsoft.com"/>
	<target host="ajax.microsoft.com"/>
	<target host="answers.microsoft.com"/>
	<target host="wscont.apps.microsoft.com"/>
	<target host="azure.microsoft.com"/>

	<target host="bingads.microsoft.com"/>
	<target host="adinquiry.bingads.microsoft.com"/>
	<target host="ads.bingads.microsoft.com"/>
	<target host="adslabs.bingads.microsoft.com"/>
	<target host="advertise.bingads.microsoft.com"/>
		<test url="http://advertise.bingads.microsoft.com/en-us/bing-ads-support"/>
	<target host="www.advertise.bingads.microsoft.com"/>
	<target host="azure.bingads.microsoft.com"/>
	<target host="secure.azure.bingads.microsoft.com"/>
	<target host="ui.beta.bingads.microsoft.com"/>
	<target host="developers.bingads.microsoft.com"/>
	<target host="internal.bingads.microsoft.com"/>
	<target host="m.bingads.microsoft.com"/>
	<target host="si.m.bingads.microsoft.com"/>
	<target host="preview.bingads.microsoft.com"/>
	<target host="resources.bingads.microsoft.com"/>
	<target host="secure.bingads.microsoft.com"/>
	<target host="ucm.bingads.microsoft.com"/>
	<target host="ui.bingads.microsoft.com"/>

	<target host="blogs.microsoft.com"/>
	<target host="c1.microsoft.com"/>
	<target host="careers.microsoft.com"/>
	<target host="choice.microsoft.com"/>
	<target host="commerce.microsoft.com"/>
	<target host="compass-ssl.microsoft.com"/>
	<target host="connect.microsoft.com"/>
	<target host="developer.microsoft.com"/>
	<target host="download.microsoft.com"/>
	<target host="events.microsoft.com"/>
	<target host="social.expression.microsoft.com"/>
	<target host="g.microsoft.com"/>
	<target host="go.microsoft.com"/>
	<target host="go2.microsoft.com"/>
	<target host="i.microsoft.com"/>
	<target host="ieonline.microsoft.com"/>
	<target host="ignite.microsoft.com"/>
	<target host="info.microsoft.com"/>
	<target host="js.microsoft.com"/>
	<target host="learning.microsoft.com"/>
	<target host="mbs.microsoft.com"/>
	<target host="code.msdn.microsoft.com"/>
	<target host="msdn.microsoft.com"/>

	<target host="events.msdn.microsoft.com"/>
	<target host="lab.msdn.microsoft.com"/>
	<target host="social.msdn.microsoft.com"/>
	<target host="visualstudiogallery.msdn.microsoft.com"/>

	<target host="mspartner.microsoft.com"/>

	<target host="mvastorage.microsoft.com"/>
	<target host="news.microsoft.com"/>
	<target host="office.microsoft.com"/>
	<target host="office15client.microsoft.com"/>
	<target host="office2010.microsoft.com"/>
	<target host="officepreview.microsoft.com"/>
	<target host="officeredir.microsoft.com"/>
	<target host="o15.officeredir.microsoft.com"/>
	<target host="pinpoint.microsoft.com"/>
	<target host="privacy.microsoft.com"/>
	<target host="profile.microsoft.com"/>
	<target host="profileapi.services.microsoft.com"/>
	<target host="snackbox.microsoft.com"/>
	<target host="social.microsoft.com"/>

	<target host="corp.sts.microsoft.com"/>
	<target host="support.microsoft.com"/>
	<target host="support2.microsoft.com"/>
	<target host="sxp.microsoft.com"/>
	<target host="technet.microsoft.com"/>
	<target host="gallery.technet.microsoft.com"/>
	<target host="social.technet.microsoft.com"/>
	<target host="catalog.update.microsoft.com"/>
	<target host="www.catalog.update.microsoft.com"/>
	<target host="www.microsoft.com"/>

	<!--	Complications:
				-->
	<target host="microsoft.com"/>
	<target host="feedback.adcenter.microsoft.com"/>
	<target host="fp.advertising.microsoft.com"/>

	<target host="wscont1.apps.microsoft.com"/>
	<target host="wscont2.apps.microsoft.com"/>

	<target host="i2.microsoft.com"/>
	<target host="i3.microsoft.com"/>
	<target host="i4.microsoft.com"/>

	<target host="i1.code.msdn.microsoft.com"/>
	<target host="i2.code.msdn.microsoft.com"/>
	<target host="i3.code.msdn.microsoft.com"/>
	<target host="i4.code.msdn.microsoft.com"/>
	<target host="i.msdn.microsoft.com"/>
	<target host="i2.msdn.microsoft.com"/>
	<target host="i3.msdn.microsoft.com"/>

	<target host="office365.microsoft.com"/>
	<target host="scache.microsoft.com"/>

	<target host="i1.social.microsoft.com"/>
	<target host="i2.social.microsoft.com"/>
	<target host="i3.social.microsoft.com"/>
	<target host="i4.social.microsoft.com"/>

	<target host="spcache.microsoft.com"/>
	<target host="img3.store.microsoft.com"/>

	<target host="i1.gallery.technet.microsoft.com"/>
	<target host="i2.gallery.technet.microsoft.com"/>
	<target host="i3.gallery.technet.microsoft.com"/>
	<target host="i4.gallery.technet.microsoft.com"/>
	<target host="i.technet.microsoft.com"/>
	<target host="i2.technet.microsoft.com"/>
	<target host="i3.technet.microsoft.com"/>

	<target host="blogs.msdn.com"/>

		<!-- Produces a 502 Gateway Timeout on HTTPS.
				 Reported by tweet: https://twitter.com/MarcGLib/status/620931025653342208 -->
		<exclusion pattern="^http://www\.microsoft\.com/en-us/software-recovery"/>
			<test url="http://www.microsoft.com/en-us/software-recovery"/>

		<!--	https://mail1.eff.org/pipermail/https-everywhere-rules/2012-June/001189.html
											-->
		<!--exclusion pattern="^http://www\.microsoft\.com/.*[fF]amily[iI][dD]" /-->

		<!--	Microsoft won't serve OEM pages on https
								-->
		<!--exclusion pattern="^http://(?:www\.)?microsoft\.com/[oO][eE][mM]/" /-->

			<!--test url="http://www.microsoft.com/oem/en/pages/index.aspx" /-->

		<!--	Redirects to http:
						-->
		<!--exclusion pattern="^http://www\.microsoft\.com/Surface/\w\w-\w\w(?:$|[?/])" /-->

		<!--	Redirects to http:
						-->
		<!--exclusion pattern="^http://learning\.microsoft\.com/Manager/Catalog\.aspx" /-->
		<!--
			Exceptions:
					-->
		<exclusion pattern="^http://learning\.microsoft\.com/+(?!Resources/)"/>

			<!--	+ve:
					-->
			<test url="http://learning.microsoft.com/Manager/Catalog.aspx"/>
			<test url="http://learning.microsoft.com/manager/catalog.aspx"/>
			<test url="http://learning.microsoft.com/Manager/default.aspx"/>

			<!--	-ve:
					-->
			<test url="http://learning.microsoft.com/Resources/styles/Microsoft.css"/>
			<test url="http://learning.microsoft.com/Resources/Images/Learning/logo.png"/>

		<!--exclusion pattern="^http://code\.msdn\.microsoft\.com/(?![cC]content/|RequestReduceContent/)" /-->

			<test url="http://code.msdn.microsoft.com/vstudio/"/>

		<!--	Redirect to http:
						-->
		<exclusion pattern="^http://careers\.microsoft\.com/careers/\w\w/\w\w/"/>

			<!--	+ve:
					-->
			<test url="http://careers.microsoft.com/careers/en/us/university-apply-non-technical.aspx"/>
			<test url="http://careers.microsoft.com/careers/fr/fr/home.aspx"/>

			<!--	-ve:
					-->
			<test url="http://careers.microsoft.com/Css/LanguageBar.css"/>
			<test url="http://careers.microsoft.com/Images/gear.png"/>
			<test url="http://careers.microsoft.com/appliedjobs.aspx"/>
			<test url="http://careers.microsoft.com/favicon.ico"/>
			<test url="http://careers.microsoft.com/global/careers/RenderingAssets/FR.css"/>
			<test url="http://careers.microsoft.com/jobalerts.aspx"/>
			<test url="http://careers.microsoft.com/search.aspx"/>
			<test url="http://careers.microsoft.com/shared/core/2/css/css.ashx"/>
			<test url="http://careers.microsoft.com/shared/templates/master/gcmodern/images/msft-logo.png"/>

		<!--	Redirects to http:
						-->
		<!--exclusion pattern="^http://research\.microsoft\.com/(a/i/c/go\.png|en-us/$)" /-->

		<!--exclusion pattern="^http://social\.technet\.microsoft\.com/Forums(?:$|[?/])" /-->

			<!--	+ve:
					-->
			<test url="http://social.technet.microsoft.com/Forums"/>
			<test url="http://social.technet.microsoft.com/Forums/en-US/home"/>

		<!--
			Exceptions:
					-->
		<!--exclusion pattern="^http://careers\.microsoft\.com/+(?!Css/|Images/|(?:appliedjobs|jobalerts|search)\.aspx|favicon\.ico|global/|shared/)" /-->
		<!--	Avoid false/broken MCB:
						-->
		<exclusion pattern="http://social\.technet\.microsoft\.com/+wiki(?!/CustomWidgets/|/themes/|/Utility/)"/>

			<!--	+ve:
					-->
			<test url="http://social.technet.microsoft.com/wiki/contents/articles/wiki-about-technet-wiki.aspx"/>
			<test url="http://social.technet.microsoft.com/wiki/contents/articles/wiki-getting-started.aspx"/>
			<test url="http://social.technet.microsoft.com/wiki/contents/articles/wiki-how-to-contribute.aspx"/>
			<test url="http://social.technet.microsoft.com/wiki/contents/articles/wiki-how-to-get-help.aspx"/>
			<test url="http://social.technet.microsoft.com/wiki"/>
			<test url="http://social.technet.microsoft.com/wiki/"/>

		<!--	Needed for Windows 8+ Captive Portal Helper:
			See https://github.com/EFForg/https-everywhere/issues/835
						-->
		<exclusion pattern="^http://go\.microsoft\.com/fwlink/\?LinkID=219472(.*)"/>

			<!--	It's impossible to fill the test coverage
				quota for this, since \? is treated as ?
									-->
			<test url="http://go.microsoft.com/fwlink/?LinkID=219472"/>
			<test url="http://go.microsoft.com/fwlink/?LinkID=219472&amp;clcid"/>
			<test url="http://go.microsoft.com/fwlink/?LinkID=219472&amp;clcid=0x408"/>
			<test url="http://go.microsoft.com/fwlink/?LinkID=219472&amp;clcid=0x409"/>

		<!--	Formerly problematic:
						-->
		<test url="http://www.microsoft.com/en-us/health/default.aspx"/>
		<test url="http://www.microsoft.com/health"/>
		<test url="http://www.microsoft.com/security/default.aspx"/>


	<!--	Not secured by server:
					-->
	<!--securecookie host="^\.microsoft\.com$" name="^(A|FedCountryOfChoice|MC1|MS-CV|MS0|gssLANG|msdn|smcexpsessionticket|smcexpticket|smcflighting)$" /-->
	<!--securecookie host="^account\.microsoft\.com$" name="^oref$" /-->
	<!--securecookie host="^\.bingads\.microsoft\.com$" name="^ckyAdCenter$" /-->
	<!--securecookie host="^advertise\.bingads\.microsoft\.com$" name="^(?:ASP\.NET_sessionId|CMSCsrfCookie|CMSPreferredCulture|Campaign|Source)$" /-->
	<!--securecookie host="^(careers|support)\.microsoft\.com$" name="^ASP\.NET_SessionId$" /-->
	<!--securecookie host="^choice\.microsoft\.com$" name="^PPLState$" /-->
	<!--securecookie host="^(connect|mbs)\.microsoft\.com$" name="^BlueStripe\.PVN$" /-->
	<!--securecookie host="^info\.microsoft\.com$" name="^BIGipServer" /-->
	<!--securecookie host="^msdn\.microsoft\.com$" name="^(__RequestVerificationToken|TocHashCookie)$" /-->
	<!--securecookie host="^apisandbox\.msdn\.microsoft\.com$" name="^(ai_session|ai_user)$" /-->
	<!--securecookie host="^\.apisandbox\.msdn\.microsoft\.com$" name="^ARRAffinity$" /-->
	<!--securecookie host="^(code|visualstudiogallery)\.msdn\.microsoft\.com$" name="^ssostate$" /-->
	<!--securecookie host="^lab\.msdn\.microsoft\.com$" name="^ASP\.NET_SessionId$" /-->
	<!--securecookie host="^mspartner\.microsoft\.com$" name="^(ai_session|ai_user)$" /-->
	<!--securecookie host="^logobuilder\.mspartner\.microsoft\.com$" name="^(__RequestVerificationToken|UiLanguageCode)$" /-->
	<!--securecookie host="^news\.microsoft\.com$" name="^PHPSESSID$" /-->
	<!--securecookie host="^\.news\.microsoft\.com$" name="^ARRAffinity$" /-->
	<!--securecookie host="^training\.partner\.microsoft\.com$" name="^(ASP\.NET_SessionId|BlueStripe\.PVN|SUMTOTALAUTH)$" /-->
	<!--securecookie host="^support\.microsoft\.com$" name="^(\.ASPXANONYMOUS|SMC_SAGE|smcexpsessionticket|smcexpticket)$" /-->
	<!--securecookie host="^support2\.microsoft\.com$" name="^(\.ASPXANONYMOUS|GsfxSessionCookie|GsfxStatsLog)$" /-->
	<!--securecookie host="^smallbusiness\.support\.microsoft.com$" name="^(breadcrumb|culture|exitinfo)$" /-->
	<!--securecookie host="^sxp\.microsoft\.com$" name="^m0$" /-->
	<!--securecookie host="^\.technet\.microsoft\.com$" name="^AuthorizationCookie$" /-->
	<!--securecookie host="^gallery\.technet\.microsoft\.com$" name="^ssostate$" /-->
	<!--securecookie host="^social\.technet\.microsoft\.com$" name="^(\.ASPXANONYMOUS|__RequestVerificationToken_\w+|CSExtendedAnalytics(Session)?$" /-->
	<!--securecookie host="^www\.microsoft\.com$" name="^(defCulture|mslocale)$" /-->
	<!--securecookie host="^\.www\.microsoft\.com$" name="^MS-CV$" /-->

	<!--	A, MC1, MS0: Cookies set by c.microsoft.com
		s_.+: Other tracking cookies
						-->
	<securecookie host="^\.microsoft\.com$" name="^(?:A|GsfxStatsLog|MC1|MS0|OnlineTrackingV2\.0|R|RioTracking\..+|s_.+)$"/>
	<securecookie host="^(account|advertising|advertise\.bingads|choice|commerce|connect|\.?developer|download|ieonline|info|m|mbs|msdn|(\.?apisandbox|lab|visualstudiogallery)\.msdn|mspartner|logobuilder\.mspartner|\.?news|\.?office|office(15client|2010|preview|redir)|training\.partner|corp\.sts|\.?support|support2|sxp|gallery\.technet|\.?www)\.microsoft\.com$" name=".+"/>
	<securecookie host="^social\.technet\.microsoft\.com$" name="^CSExtendedAnalytics(?:Session)?$"/>


	<rule from="^http://(?:s(?:cache|earch|pcache)\.)?microsoft\.com/" to="https://www.microsoft.com/"/>

		<test url="http://scache.microsoft.com//"/>

	<!--	Redirect drops path, args, and forward slash:
								-->
	<rule from="^http://feedback\.adcenter\.microsoft\.com/.*" to="https://bingads.uservoice.com/"/>

		<test url="http://feedback.adcenter.microsoft.com/favicon.ico"/>

	<rule from="^http://fp\.advertising\.microsoft\.com/" to="https://advertising.microsoft.com/"/>

	<!--	Akamai without valid cert.
						-->
	<rule from="^http://i\d?\.(msdn|social|technet)\.microsoft\.com/" to="https://$1.microsoft.com/"/>

	<rule from="^http://wscont\d\.apps\.microsoft\.com/" to="https://wscont.apps.microsoft.com/"/>

	<rule from="^http://i\d\.microsoft\.com/" to="https://i.microsoft.com/"/>

	<rule from="^http://i\d\.(code\.msdn|gallery\.technet)\.microsoft\.com/" to="https://i1.$1.s-msft.com/"/>

		<test url="http://i1.code.msdn.microsoft.com/content/common/trans.gif"/>

	<!--	Redirect drops path, args, and forward slash:
								-->
	<rule from="^http://office365\.microsoft\.com/.*" to="https://www.microsoft.com/en-us/office365/"/>

		<test url="http://office365.microsoft.com/favicon.ico"/>

	<rule from="^http://img3\.store\.microsoft\.com/" to="https://msstore.vo.msecnd.net/"/>

	<rule from="^http:" to="https:"/>

</ruleset>

Microsoft.xml    File a bug

The release branch contains the following rules that are enabled by default:

<!--
	Other Microsoft rulesets:
		- Acik_Akademi.com.xml
		- Afx.ms.xml
		- AKA.ms.xml
		- ASP.NET.xml
		- ASPNETcdn.com.xml
		- Azure.com.xml
		- AzurecomCDN.net.xml
		- Azure_websites.net.xml
		- Bing.xml
		- Bing.net.xml
		- Bing_Places.com.xml
		- Ch9.ms.xml
		- Codeplex.xml
		- Digital_WPC.com.xml
		- DreamSpark.com.xml
		- Dynamics.com.xml
		- Get_Tag.mobi.xml
		- Gfx.ms.xml
		- Halo.xml
		- Hotmail.co.jp.xml
		- Hotmail.co.uk.xml
		- Hotmail.com.xml
		- How-Old.net.xml
		- Live.xml
		- Live.net.xml
		- Live_filestore.com.xml
		- Microsoft-Atlas.xml
		- Microsoft_Online-p.com.xml
		- Microsoft_Online-p.net.xml
		- Microsoft_Online_Services.xml
		- Microsoft_Studios.com.xml
		- Microsoft_Translator.com.xml
		- Microsoft_Ventures.com.xml
		- Microsoft_Store.xml
		- Modern.IE.xml
		- Moreinterop.com.xml
		- MSDN.xml
		- Msecnd.net.xml
		- MSN.xml
		- MyMoustache.net.xml
		- Newsvine.com.xml
		- Office.com.xml
		- Office.net.xml
		- Office365.com.xml
		- OneDrive.com.xml
		- OneNote.com.xml
		- OneNote.net.xml
		- Onestore.ms.xml
		- Outlook_Live.xml
		- Photosynth.xml
		- PowerShell_Gallery.com.xml
		- Sfx.ms.xml
		- Skype_assets.com.xml
		- S-Microsoft.com.xml
		- S-msn.com.xml
		- So.cl.xml
		- Surface.com.xml
		- System_Center_Advisor.com.xml
		- Technet.com.xml
		- Technical_Community.com.xml
		- Translatoruser.net.xml
		- TwinsOrNot.Net.xml
		- VSIP_Program.com.xml
		- Virtualearth.net.xml
		- Visual_Studio.com.xml
		- WLxrs.com.xml
		- WPdev.ms.xml
		- Windows_Azure.xml
		- Windows.com.xml
		- Windows.net.xml
		- Windows_Phone.xml
		- Xbox.xml
		- Xbox_Live.com.xml
		- Yammer.xml


	CDN buckets:
		- i.g.mobile.ms.akadns.net	← i1.mobile.microsoft.com
		- i.g.social.ms.akadns.net	← i1.social.s-msft.com
		- res.windows.microsoft.com.edgesuite.net	← res2.windows.microsoft.com
		- wscont.apps.microsoft.com.edgesuite.net	← wscont[12].apps.microsoft.com
		- az12410.vo.msecnd.net
		- az373151.vo.msecnd.net	(used on imaginecup.com)
		- msstore.vo.msecnd.net
		- officeimg.vo.msecnd.net
	msnportalmobileisv.112.2o7.net


	Nonfunctional domains:
		- www.buildmypinnedsite.com
		- (www.)imaginecup.com ***
		- compete.imaginecup.com ***
		- microsoft.com subdomains:
			- adcenter (timeout)
			- www.bingads                  ᴹ
			- advertising.bingads          ᴹ
			- accountservices              ᴱ
			- cv1-1.am.bingads             ᴹ
			- adinsight.bcp.api.bingads    ᴹ
			- audience-si.bingads          ᴿ
			- ch1-c1.maf.api.bingads       ᴹ
			- audience.bingads             ᴹ
			- ui.bcp.bingads               ᴱ
			- internal.bc.bingads          ʳ
			- resources.bc.bingads         ʳ
			- adinquiry.bcp.bingads        ᴹ
			- secure.bcp.bingads           ᴹ
			- secure.beta.bingads          ᴹ
			- cam.bingads (timeout)
			- community.bingads            ᴹ
			- secure.eu.bingads            ᴹ
			- beta.express.bingads         ʳ
			- fd.bingads                   ᴹ
			- help.bingads                 ᴵ
			- internal.main.bingads        ᴿ
			- secure.main.bingads          ᴹ
			- express.next.bingads         ʳ
			- internal.next.bingads        ʳ
			- resources.next.bingads       ᴿ
			- nirvana.bingads              ᴿ
			- planner-int.bingads (timeout)
			- express.perf.bingads         ʳ
			- reportingapi.bingads         ᴿ
			- download.reportingapi.bingadsᴿ
			- si.bingads                   ᴹ
			- listmanager.beta.si.bingads  ᴱ
			- listmanager.si.bingads       ᴱ
			- c1_maf.api.si.bingads        ʳ
			- maf.api.si.bingads           ʳ
			- c1_download.api.si.bingads   ᴹ
			- c2_download.api.si.bingads   ᴹ
			- adinquiry.beta.si.bingads    ʳ
			- express.beta.si.bingads      ᴹ
			- help.beta.si.bingads         ʳ
			- irt.beta.si.bingads          ʳ
			- ccmt.si.bingads              ᴹ
			- editorialentitytracking.si.bingads ᴿ
			- irt.si.bingads               ʳ
			- reporting.si.bingads         ᴹ
			- secure.si.bingads            ᴹ
			- express.tip.bingads          ᴹ
			- innovation.connect  (redirects to connect.microsoft.com)
			- services.connect	  ᴹ
			- silverlight.dlservice *
			- web.esd *		      (esd, origin, origin-web, and web don't exist)
			- widgets.membership  ᴹ
			- apisandbox.msdn (expired)
			- samples.msdn        ᴿ
			- visualstudiogallery.msdn	(redirects to http, valid cert)
			- msevents (timeout)
			- logobuilder.mspartner ᴱ
			- mymfe               ʳ
			- news			(Redirects to http)
			- oem                 ᴿ
			- onlinehelp          ᴿ
			- i[1-3]?.onlinehelp  *
			- outlook ***
			- readytogo           ᴱ
			- academic.research ***
			- sharepoint		(redirects to login.live.com, cert valid)
			- signature         (expired)
			- services.social (cert-chain)
			- i1.services.social (cert-chain)
			- i2.services.social (cert-chain)
			- i3.services.social (cert-chain)
			- i4.services.social (cert-chain)
			- fud.community.services.support (ssl-error)
			- sysdev (ssl-error)
			- tag.microsoft.com   ᴿ
			- i1.gallery.technet  ᴹ
			- edir.windowsm		(404)
			- visio **
			- (www.)windows **
		- msimg.com
		- blog.surface.com		(handshake fails)
		- (www.)windowsteamblog.com
	ᴱ Expired
	ʳ Reset
	ᴿ Refused
	ᴹ Mismatch
	ᴵ Incomplete certificate chain
	* 503, akamai
	** 404, cert valid
	*** Times out


	Problematic domains:

		- microsoft.com subdomains:
			- ^			(mismatched, CN: *.microsoft.com)
			- (www.)? ¹
			- feedback.adcenter	(Dropped)
			- fp.advertising ⁴
			- apps			(works; mismatched, CN: *.apps.microsoft.com)
			- wscont[12].apps	(works, akamai)
			- i[1-4].connect *
			- silverlight.dlservice **
			- i\d **
			- ie	(mismatched, CN: *.azurewebsites.net)
			- i1.mobile **
			- i[1-4].code.msdn	(Mismatched)
			- i[23]?.msdn **
			- office365		(Dropped)
			- scache **
			- search **
			- spcache		(504, akamai)
			- img3.store		(mismatched)
			- i[23]?.technet **
			- social.technet
			- update *
			- www.update		(Untrusted root)
			- windowsupdate		(mismatched, untrusted root)
			- v[45].windowsupdate	(mismatched, untrusted root)
			- windows *
			- res[1-4].windows **

		- compass.surface.com **

	¹ Sets HSTS, thereby breaking oem/; however, Microsoft's website links to https://www....
	* Cert only matches www
	** akamai
	⁴ 404
	⁷ Mixed css from i3.technet.microsoft.com and i1.social.s-msft.com


	Partially covered microsoft.com subdomains:

		- learning ¹
		- snackbox		(→ learning.microsoft.com)
		- social.technet *
		- res[12].windows ³	(→ akamai)

	¹ Some pages redirect to http
	* Avoiding false/broken MCB
	³ Attempting to avoid breaking Silverlight: https://github.com/EFForg/https-everywhere/issues/2274#issuecomment-122752763


	m, mobile: Dropped over http & https

	Insecure cookies are set for these domains and hosts: ᶜ

		- .microsoft.com
		- account.microsoft.com
		- .bingads.microsoft.com
		- advertise.bingads.microsoft.com
		- careers.microsoft.com
		- choice.microsoft.com
		- connect.microsoft.com
		- info.microsoft.com
		- learning.microsoft.com
		- mbs.microsoft.com

		- msdn.microsoft.com
		- apisandbox.msdn.microsoft.com
		- .apisandbox.msdn.microsoft.com
		- code.msdn.microsoft.com
		- lab.msdn.microsoft.com
		- visualstudiogallery.msdn.microsoft.com

		- mspartner.microsoft.com
		- logobuilder.mspartner.microsoft.com

		- news.microsoft.com
		- .news.microsoft.com
		- training.partner.microsoft.com
		- gallery.technet.microsoft.com
		- social.technet.microsoft.com
		- support.microsoft.com
		- support2.microsoft.com
		- sxp.microsoft.com

	ᶜ See https://owasp.org/index.php/SecureFlag


	Mixed content:
		- css, on:
			- onlinehelp from i3.onlinehelp            *
			- social.technet from i3.technet           *
			- social.technet from i1.social.s-msft.com *
		- Fonts on careers from i.s-microsoft.com      *
		- Images, on:
			- blogs from mscorp.blob.core.windows.net  *
			- news from mscorpnews.blob.core.windows.net
			- onlinehelp from i.onlinehelp             *
			- support from $self                       *
			- smallbusiness.support from support
			- smallbusiness.support from www           *
			- social.technet from i1.social.s-msft.com *
			- sxp from az648995.vo.msecnd.net
			- sxp from blogs.technet.com
		- Bugs, on:
			- msdn from msstonojsmsdn.112.2o7.net       *
			- technet from msstonojstechnet.112.2o7.net *
			- social.technet from msstonojssocial.112.2o7.net *
			- careers, msdn, logobuilder.mspartner, pinpoint, technet, social.technet from m.webtrends.com
			- sxp from blogs.technet.com
	* Secured by us, see https://www.paulirish.com/2010/the-protocol-relative-url/
--><ruleset name="Microsoft.com (partial)">

	<!--	Direct rewrites:
				-->
	<target host="account.microsoft.com"/>
	<target host="advertising.microsoft.com"/>
	<target host="ajax.microsoft.com"/>
	<target host="answers.microsoft.com"/>
	<target host="wscont.apps.microsoft.com"/>
	<target host="azure.microsoft.com"/>

	<target host="bingads.microsoft.com"/>
	<target host="adinquiry.bingads.microsoft.com"/>
	<target host="ads.bingads.microsoft.com"/>
	<target host="adslabs.bingads.microsoft.com"/>
	<target host="advertise.bingads.microsoft.com"/>
		<test url="http://advertise.bingads.microsoft.com/en-us/bing-ads-support"/>
	<target host="www.advertise.bingads.microsoft.com"/>
	<target host="azure.bingads.microsoft.com"/>
	<target host="secure.azure.bingads.microsoft.com"/>
	<target host="ui.beta.bingads.microsoft.com"/>
	<target host="developers.bingads.microsoft.com"/>
	<target host="internal.bingads.microsoft.com"/>
	<target host="m.bingads.microsoft.com"/>
	<target host="si.m.bingads.microsoft.com"/>
	<target host="preview.bingads.microsoft.com"/>
	<target host="resources.bingads.microsoft.com"/>
	<target host="secure.bingads.microsoft.com"/>
	<target host="ucm.bingads.microsoft.com"/>
	<target host="ui.bingads.microsoft.com"/>

	<target host="blogs.microsoft.com"/>
	<target host="c1.microsoft.com"/>
	<target host="careers.microsoft.com"/>
	<target host="choice.microsoft.com"/>
	<target host="commerce.microsoft.com"/>
	<target host="compass-ssl.microsoft.com"/>
	<target host="connect.microsoft.com"/>
	<target host="developer.microsoft.com"/>
	<target host="download.microsoft.com"/>
	<target host="events.microsoft.com"/>
	<target host="social.expression.microsoft.com"/>
	<target host="g.microsoft.com"/>
	<target host="go.microsoft.com"/>
	<target host="go2.microsoft.com"/>
	<target host="i.microsoft.com"/>
	<target host="ieonline.microsoft.com"/>
	<target host="ignite.microsoft.com"/>
	<target host="info.microsoft.com"/>
	<target host="js.microsoft.com"/>
	<target host="learning.microsoft.com"/>
	<target host="mbs.microsoft.com"/>
	<target host="code.msdn.microsoft.com"/>
	<target host="msdn.microsoft.com"/>

	<target host="events.msdn.microsoft.com"/>
	<target host="lab.msdn.microsoft.com"/>
	<target host="social.msdn.microsoft.com"/>
	<target host="visualstudiogallery.msdn.microsoft.com"/>

	<target host="mspartner.microsoft.com"/>

	<target host="mvastorage.microsoft.com"/>
	<target host="news.microsoft.com"/>
	<target host="office.microsoft.com"/>
	<target host="office15client.microsoft.com"/>
	<target host="office2010.microsoft.com"/>
	<target host="officepreview.microsoft.com"/>
	<target host="officeredir.microsoft.com"/>
	<target host="o15.officeredir.microsoft.com"/>
	<target host="pinpoint.microsoft.com"/>
	<target host="privacy.microsoft.com"/>
	<target host="profile.microsoft.com"/>
	<target host="profileapi.services.microsoft.com"/>
	<target host="snackbox.microsoft.com"/>
	<target host="social.microsoft.com"/>

	<target host="corp.sts.microsoft.com"/>
	<target host="support.microsoft.com"/>
	<target host="support2.microsoft.com"/>
	<target host="sxp.microsoft.com"/>
	<target host="technet.microsoft.com"/>
	<target host="gallery.technet.microsoft.com"/>
	<target host="social.technet.microsoft.com"/>
	<target host="catalog.update.microsoft.com"/>
	<target host="www.catalog.update.microsoft.com"/>
	<target host="www.microsoft.com"/>

	<!--	Complications:
				-->
	<target host="microsoft.com"/>
	<target host="feedback.adcenter.microsoft.com"/>
	<target host="fp.advertising.microsoft.com"/>

	<target host="wscont1.apps.microsoft.com"/>
	<target host="wscont2.apps.microsoft.com"/>

	<target host="i2.microsoft.com"/>
	<target host="i3.microsoft.com"/>
	<target host="i4.microsoft.com"/>

	<target host="i1.code.msdn.microsoft.com"/>
	<target host="i2.code.msdn.microsoft.com"/>
	<target host="i3.code.msdn.microsoft.com"/>
	<target host="i4.code.msdn.microsoft.com"/>
	<target host="i.msdn.microsoft.com"/>
	<target host="i2.msdn.microsoft.com"/>
	<target host="i3.msdn.microsoft.com"/>

	<target host="office365.microsoft.com"/>
	<target host="scache.microsoft.com"/>

	<target host="i1.social.microsoft.com"/>
	<target host="i2.social.microsoft.com"/>
	<target host="i3.social.microsoft.com"/>
	<target host="i4.social.microsoft.com"/>

	<target host="spcache.microsoft.com"/>
	<target host="img3.store.microsoft.com"/>

	<target host="i1.gallery.technet.microsoft.com"/>
	<target host="i2.gallery.technet.microsoft.com"/>
	<target host="i3.gallery.technet.microsoft.com"/>
	<target host="i4.gallery.technet.microsoft.com"/>
	<target host="i.technet.microsoft.com"/>
	<target host="i2.technet.microsoft.com"/>
	<target host="i3.technet.microsoft.com"/>

	<target host="blogs.msdn.com"/>

		<!-- Produces a 502 Gateway Timeout on HTTPS.
				 Reported by tweet: https://twitter.com/MarcGLib/status/620931025653342208 -->
		<exclusion pattern="^http://www\.microsoft\.com/en-us/software-recovery"/>
			<test url="http://www.microsoft.com/en-us/software-recovery"/>

		<!--	https://mail1.eff.org/pipermail/https-everywhere-rules/2012-June/001189.html
											-->
		<!--exclusion pattern="^http://www\.microsoft\.com/.*[fF]amily[iI][dD]" /-->

		<!--	Microsoft won't serve OEM pages on https
								-->
		<!--exclusion pattern="^http://(?:www\.)?microsoft\.com/[oO][eE][mM]/" /-->

			<!--test url="http://www.microsoft.com/oem/en/pages/index.aspx" /-->

		<!--	Redirects to http:
						-->
		<!--exclusion pattern="^http://www\.microsoft\.com/Surface/\w\w-\w\w(?:$|[?/])" /-->

		<!--	Redirects to http:
						-->
		<!--exclusion pattern="^http://learning\.microsoft\.com/Manager/Catalog\.aspx" /-->
		<!--
			Exceptions:
					-->
		<exclusion pattern="^http://learning\.microsoft\.com/+(?!Resources/)"/>

			<!--	+ve:
					-->
			<test url="http://learning.microsoft.com/Manager/Catalog.aspx"/>
			<test url="http://learning.microsoft.com/manager/catalog.aspx"/>
			<test url="http://learning.microsoft.com/Manager/default.aspx"/>

			<!--	-ve:
					-->
			<test url="http://learning.microsoft.com/Resources/styles/Microsoft.css"/>
			<test url="http://learning.microsoft.com/Resources/Images/Learning/logo.png"/>

		<!--exclusion pattern="^http://code\.msdn\.microsoft\.com/(?![cC]content/|RequestReduceContent/)" /-->

			<test url="http://code.msdn.microsoft.com/vstudio/"/>

		<!--	Redirect to http:
						-->
		<exclusion pattern="^http://careers\.microsoft\.com/careers/\w\w/\w\w/"/>

			<!--	+ve:
					-->
			<test url="http://careers.microsoft.com/careers/en/us/university-apply-non-technical.aspx"/>
			<test url="http://careers.microsoft.com/careers/fr/fr/home.aspx"/>

			<!--	-ve:
					-->
			<test url="http://careers.microsoft.com/Css/LanguageBar.css"/>
			<test url="http://careers.microsoft.com/Images/gear.png"/>
			<test url="http://careers.microsoft.com/appliedjobs.aspx"/>
			<test url="http://careers.microsoft.com/favicon.ico"/>
			<test url="http://careers.microsoft.com/global/careers/RenderingAssets/FR.css"/>
			<test url="http://careers.microsoft.com/jobalerts.aspx"/>
			<test url="http://careers.microsoft.com/search.aspx"/>
			<test url="http://careers.microsoft.com/shared/core/2/css/css.ashx"/>
			<test url="http://careers.microsoft.com/shared/templates/master/gcmodern/images/msft-logo.png"/>

		<!--	Redirects to http:
						-->
		<!--exclusion pattern="^http://research\.microsoft\.com/(a/i/c/go\.png|en-us/$)" /-->

		<!--exclusion pattern="^http://social\.technet\.microsoft\.com/Forums(?:$|[?/])" /-->

			<!--	+ve:
					-->
			<test url="http://social.technet.microsoft.com/Forums"/>
			<test url="http://social.technet.microsoft.com/Forums/en-US/home"/>

		<!--
			Exceptions:
					-->
		<!--exclusion pattern="^http://careers\.microsoft\.com/+(?!Css/|Images/|(?:appliedjobs|jobalerts|search)\.aspx|favicon\.ico|global/|shared/)" /-->
		<!--	Avoid false/broken MCB:
						-->
		<exclusion pattern="http://social\.technet\.microsoft\.com/+wiki(?!/CustomWidgets/|/themes/|/Utility/)"/>

			<!--	+ve:
					-->
			<test url="http://social.technet.microsoft.com/wiki/contents/articles/wiki-about-technet-wiki.aspx"/>
			<test url="http://social.technet.microsoft.com/wiki/contents/articles/wiki-getting-started.aspx"/>
			<test url="http://social.technet.microsoft.com/wiki/contents/articles/wiki-how-to-contribute.aspx"/>
			<test url="http://social.technet.microsoft.com/wiki/contents/articles/wiki-how-to-get-help.aspx"/>
			<test url="http://social.technet.microsoft.com/wiki"/>
			<test url="http://social.technet.microsoft.com/wiki/"/>

		<!--	Needed for Windows 8+ Captive Portal Helper:
			See https://github.com/EFForg/https-everywhere/issues/835
						-->
		<exclusion pattern="^http://go\.microsoft\.com/fwlink/\?LinkID=219472(.*)"/>

			<!--	It's impossible to fill the test coverage
				quota for this, since \? is treated as ?
									-->
			<test url="http://go.microsoft.com/fwlink/?LinkID=219472"/>
			<test url="http://go.microsoft.com/fwlink/?LinkID=219472&amp;clcid"/>
			<test url="http://go.microsoft.com/fwlink/?LinkID=219472&amp;clcid=0x408"/>
			<test url="http://go.microsoft.com/fwlink/?LinkID=219472&amp;clcid=0x409"/>

		<!--	Formerly problematic:
						-->
		<test url="http://www.microsoft.com/en-us/health/default.aspx"/>
		<test url="http://www.microsoft.com/health"/>
		<test url="http://www.microsoft.com/security/default.aspx"/>


	<!--	Not secured by server:
					-->
	<!--securecookie host="^\.microsoft\.com$" name="^(A|FedCountryOfChoice|MC1|MS-CV|MS0|gssLANG|msdn|smcexpsessionticket|smcexpticket|smcflighting)$" /-->
	<!--securecookie host="^account\.microsoft\.com$" name="^oref$" /-->
	<!--securecookie host="^\.bingads\.microsoft\.com$" name="^ckyAdCenter$" /-->
	<!--securecookie host="^advertise\.bingads\.microsoft\.com$" name="^(?:ASP\.NET_sessionId|CMSCsrfCookie|CMSPreferredCulture|Campaign|Source)$" /-->
	<!--securecookie host="^(careers|support)\.microsoft\.com$" name="^ASP\.NET_SessionId$" /-->
	<!--securecookie host="^choice\.microsoft\.com$" name="^PPLState$" /-->
	<!--securecookie host="^(connect|mbs)\.microsoft\.com$" name="^BlueStripe\.PVN$" /-->
	<!--securecookie host="^info\.microsoft\.com$" name="^BIGipServer" /-->
	<!--securecookie host="^msdn\.microsoft\.com$" name="^(__RequestVerificationToken|TocHashCookie)$" /-->
	<!--securecookie host="^apisandbox\.msdn\.microsoft\.com$" name="^(ai_session|ai_user)$" /-->
	<!--securecookie host="^\.apisandbox\.msdn\.microsoft\.com$" name="^ARRAffinity$" /-->
	<!--securecookie host="^(code|visualstudiogallery)\.msdn\.microsoft\.com$" name="^ssostate$" /-->
	<!--securecookie host="^lab\.msdn\.microsoft\.com$" name="^ASP\.NET_SessionId$" /-->
	<!--securecookie host="^mspartner\.microsoft\.com$" name="^(ai_session|ai_user)$" /-->
	<!--securecookie host="^logobuilder\.mspartner\.microsoft\.com$" name="^(__RequestVerificationToken|UiLanguageCode)$" /-->
	<!--securecookie host="^news\.microsoft\.com$" name="^PHPSESSID$" /-->
	<!--securecookie host="^\.news\.microsoft\.com$" name="^ARRAffinity$" /-->
	<!--securecookie host="^training\.partner\.microsoft\.com$" name="^(ASP\.NET_SessionId|BlueStripe\.PVN|SUMTOTALAUTH)$" /-->
	<!--securecookie host="^support\.microsoft\.com$" name="^(\.ASPXANONYMOUS|SMC_SAGE|smcexpsessionticket|smcexpticket)$" /-->
	<!--securecookie host="^support2\.microsoft\.com$" name="^(\.ASPXANONYMOUS|GsfxSessionCookie|GsfxStatsLog)$" /-->
	<!--securecookie host="^smallbusiness\.support\.microsoft.com$" name="^(breadcrumb|culture|exitinfo)$" /-->
	<!--securecookie host="^sxp\.microsoft\.com$" name="^m0$" /-->
	<!--securecookie host="^\.technet\.microsoft\.com$" name="^AuthorizationCookie$" /-->
	<!--securecookie host="^gallery\.technet\.microsoft\.com$" name="^ssostate$" /-->
	<!--securecookie host="^social\.technet\.microsoft\.com$" name="^(\.ASPXANONYMOUS|__RequestVerificationToken_\w+|CSExtendedAnalytics(Session)?$" /-->
	<!--securecookie host="^www\.microsoft\.com$" name="^(defCulture|mslocale)$" /-->
	<!--securecookie host="^\.www\.microsoft\.com$" name="^MS-CV$" /-->

	<!--	A, MC1, MS0: Cookies set by c.microsoft.com
		s_.+: Other tracking cookies
						-->
	<securecookie host="^\.microsoft\.com$" name="^(?:A|GsfxStatsLog|MC1|MS0|OnlineTrackingV2\.0|R|RioTracking\..+|s_.+)$"/>
	<securecookie host="^(account|advertising|advertise\.bingads|choice|commerce|connect|\.?developer|download|ieonline|info|m|mbs|msdn|(\.?apisandbox|lab|visualstudiogallery)\.msdn|mspartner|logobuilder\.mspartner|\.?news|\.?office|office(15client|2010|preview|redir)|training\.partner|corp\.sts|\.?support|support2|sxp|gallery\.technet|\.?www)\.microsoft\.com$" name=".+"/>
	<securecookie host="^social\.technet\.microsoft\.com$" name="^CSExtendedAnalytics(?:Session)?$"/>


	<rule from="^http://(?:s(?:cache|earch|pcache)\.)?microsoft\.com/" to="https://www.microsoft.com/"/>

		<test url="http://scache.microsoft.com//"/>

	<!--	Redirect drops path, args, and forward slash:
								-->
	<rule from="^http://feedback\.adcenter\.microsoft\.com/.*" to="https://bingads.uservoice.com/"/>

		<test url="http://feedback.adcenter.microsoft.com/favicon.ico"/>

	<rule from="^http://fp\.advertising\.microsoft\.com/" to="https://advertising.microsoft.com/"/>

	<!--	Akamai without valid cert.
						-->
	<rule from="^http://i\d?\.(msdn|social|technet)\.microsoft\.com/" to="https://$1.microsoft.com/"/>

	<rule from="^http://wscont\d\.apps\.microsoft\.com/" to="https://wscont.apps.microsoft.com/"/>

	<rule from="^http://i\d\.microsoft\.com/" to="https://i.microsoft.com/"/>

	<rule from="^http://i\d\.(code\.msdn|gallery\.technet)\.microsoft\.com/" to="https://i1.$1.s-msft.com/"/>

		<test url="http://i1.code.msdn.microsoft.com/content/common/trans.gif"/>

	<!--	Redirect drops path, args, and forward slash:
								-->
	<rule from="^http://office365\.microsoft\.com/.*" to="https://www.microsoft.com/en-us/office365/"/>

		<test url="http://office365.microsoft.com/favicon.ico"/>

	<rule from="^http://img3\.store\.microsoft\.com/" to="https://msstore.vo.msecnd.net/"/>

	<rule from="^http:" to="https:"/>

</ruleset>

Microsoft.xml    File a bug

The HTTPS Everywhere developers welcome corrections and updates to rules. Please see our developer information and documentation of the ruleset format. If filing a bug in the Tor Project's Trac bug tracker, you can use the shared username and password cypherpunks / writecode; please ensure that the bug is marked as applying to HTTPS Everywhere.

Information current as of:


current release ff5b4642 2019-06-27 14:21:20 -0700;
next release 737bcdfc 2019-08-09 18:08:25 +0300;