Hi all,
I'm looking for a guide how to take an existing service, and convert it into an .onion-too service (what facebook and propublica did).
Problem: Webservices tend to respond to a single URL only (like http://clearservice.com/), and won't deal gracefully with requests to http://onionservie.onion/); i.e. they might redirect to the clearservice address.
propublica has published their nginx setup to deal with this, but this looks a bit scary.
For one, they don't seem to rewrite protocol-relative URLs like href="//sub.clearservice.com/".
And then there generally is the question of ensuring that no clearnet URL escapes the rewriting. I guess for that, you'd need to implement a more thorough link checker and not just some ngnix filter rules.
Thoughts on that?
(It also occurred to me that you don't actually need to be the clearservice org to be able to set up an onion for them, as long as there is no https enforced/needed on the onion side.)
Andreas