<!--
	CDN buckets:

		- av.vimeo.com.edgesuite.net

			- a808.g.akamai.net

		- pdl.vimeocdn.com.edgesuite.net

			- a1189.g.akamai.net


	Problematic subdomains:

		- av	(pdl.../crossdomain.xml restricts to port 80)
		- pdl	(works, akamai)


	Partially covered subdomains:

		- developer	(some pages redirect to http)
		- pdl		(→ akamai)


	Fully covered subdomains:

		- (www.)
		- secure


Default off per https://trac.torproject.org/projects/tor/ticket/7569 -->
<ruleset name="Vimeo (default off)" default_off="breaks some video embedding">

	<target host="vimeo.com" />
	<target host="*.vimeo.com" />
		<exclusion pattern="^http://av\.vimeo\.com/crossdomain\.xml" />
		<!--exclusion pattern="^http://developer\.vimeo\.com/($|\?|(apps|guidelines|help|player)($|[?/]))" /-->
		<exclusion pattern="^http://developer\.vimeo\.com/(?!apis(?:$|[?/])|favicon\.ico)" />
	<target host="*.vimeocdn.com" />
		<!--
			Uses crossdomain.xml from s3.amazonaws.com, which sets secure="false"

				https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html
			-->
		<exclusion pattern="^http://a\.vimeocdn\.com/p/flash/moogaloop/" />

		<!--	We cannot secure streams because crossdomain.xml
			restricts to port 80 :(
						-->
		<exclusion pattern="^http://pdl\.vimeocdn\.com/(?!crossdomain\.xml)" />


	<!--	Tracking cookies:
					-->
	<securecookie host="^\.(?:player\.)?vimeo\.com$" name="^__utm\w$" />


	<rule from="^http://((?:developer|player|secure|www)\.)?vimeo\.com/"
		to="https://$1vimeo.com/" />

	<rule from="^http://av\.vimeo\.com/"
		to="https://a248.e.akamai.net/f/808/9207/8m/av.vimeo.com/" />

	<!--	a & b: Akamai	-->
	<rule from="^http://(?:secure-)?([ab])\.vimeocdn\.com/"
		to="https://secure-$1.vimeocdn.com/" />

	<rule from="^http://i\.vimeocdn\.com/"
		to="https://i.vimeocdn.com/" />

	<rule from="^http://pdl\.vimeocdn\.com/"
		to="https://a248.e.akamai.net/f/1189/4415/8d/pdl.vimeocdn.com/" />

</ruleset>