Update HTTP link to HTTPS #101
Conversation
http://www.nvidia.com redirects to https://www.nvidia.com/, so linking to http is reduntant. More importantly, it could be considered a security issue, do to the nature of plain http. An attacker could perform a MITM attack and redirect the HTTP request to a malicious website. ``` > GET / HTTP/1.1 > Host: www.nvidia.com Response: < HTTP/1.1 307 Temporary Redirect < Location: https://www.nvidia.com/ ```
|
Redacted |
There was a problem hiding this comment.
@Shinyzenith This is absolutely not spam. It's a very valid PR with good intent. Not only does it provide a legitimate solution, but it describes what the issue is and why it should be considered a problem. This is the definition of legitimate contribution even if it's a rather insignificant change. Telling or implying that someone is spamming because you don't agree with a contribution is almost definitely very offputting to new contributors.
You do make a compelling point. Although this does make some sense it's a pretty pointless patch. I do apologize if I came off rough to new contributors. -Aakash |
|
It's not pointless though. It's legit. The link should use https. |
Patch? It literally just adds one letter to the end of a few strings. This isn't a patch as it is just basic security. It should've been done when it was first written. |
|
@alcaparra Went through and got the rest I could find, See alcaparra#1 |
|
Thanks for the submission; I've merged the specific change in this PR (fixing http://www.nvidia.com/object/quadro-sync.html). And, I've updated the remaining http => https instances within our internal code base. That should show up in a subsequent release. |
http://www.nvidia.comredirects tohttps://www.nvidia.com, so linking to http is reduntant.More importantly, it could be considered a security issue, do to the nature of plain http. An attacker could perform a MITM attack and redirect the HTTP request to a malicious website.