<!-- CDN buckets: - av.vimeo.com.edgesuite.net - a808.g.akamai.net - pdl.vimeocdn.com.edgesuite.net - a1189.g.akamai.net Problematic subdomains: - av (pdl.../crossdomain.xml restricts to port 80) - pdl (works, akamai) Partially covered subdomains: - developer (some pages redirect to http) - pdl (→ akamai) Fully covered subdomains: - (www.) - secure Default off per https://trac.torproject.org/projects/tor/ticket/7569 --> <ruleset name="Vimeo (default off)" default_off="breaks some video embedding"> <target host="vimeo.com" /> <target host="*.vimeo.com" /> <exclusion pattern="^http://av\.vimeo\.com/crossdomain\.xml" /> <!--exclusion pattern="^http://developer\.vimeo\.com/($|\?|(apps|guidelines|help|player)($|[?/]))" /--> <exclusion pattern="^http://developer\.vimeo\.com/(?!apis(?:$|[?/])|favicon\.ico)" /> <target host="*.vimeocdn.com" /> <!-- Uses crossdomain.xml from s3.amazonaws.com, which sets secure="false" https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html --> <exclusion pattern="^http://a\.vimeocdn\.com/p/flash/moogaloop/" /> <!-- We cannot secure streams because crossdomain.xml restricts to port 80 :( --> <exclusion pattern="^http://pdl\.vimeocdn\.com/(?!crossdomain\.xml)" /> <!-- Tracking cookies: --> <securecookie host="^\.(?:player\.)?vimeo\.com$" name="^__utm\w$" /> <rule from="^http://((?:developer|player|secure|www)\.)?vimeo\.com/" to="https://$1vimeo.com/" /> <rule from="^http://av\.vimeo\.com/" to="https://a248.e.akamai.net/f/808/9207/8m/av.vimeo.com/" /> <!-- a & b: Akamai --> <rule from="^http://(?:secure-)?([ab])\.vimeocdn\.com/" to="https://secure-$1.vimeocdn.com/" /> <rule from="^http://i\.vimeocdn\.com/" to="https://i.vimeocdn.com/" /> <rule from="^http://pdl\.vimeocdn\.com/" to="https://a248.e.akamai.net/f/1189/4415/8d/pdl.vimeocdn.com/" /> </ruleset>