Skip to content
This repository has been archived by the owner. It is now read-only.

[Security] Restrict calls to HTTPS #599

Closed
ferventcoder opened this issue Nov 2, 2014 · 0 comments

Comments

@ferventcoder
Copy link
Contributor

commented Nov 2, 2014

This restricts all calls from the client to the central community feed to use HTTPS.

Now that chocolatey.org is no longer subject to SNI SSL, we should be able to remove the WinXP/2003 changeover to http, and update all things in the code base to use https

ferventcoder added a commit to ferventcoder/chocolatey that referenced this issue Nov 2, 2014
This proved the changes required to ensure that client communicates with
chocolatey.org using HTTPS.
@ferventcoder ferventcoder added 3 - Done and removed 2 - Working labels Nov 2, 2014
ferventcoder added a commit to ferventcoder/chocolatey that referenced this issue Nov 2, 2014
* stable:
  0.9.8.28-rc1
  (docs) updating changelog/release notes
  (chocolatey-archiveGH-577) use default credentials if available.
  (maint) add kickstarter message
  (chocolatey-archiveGH-558) quote path on batch fallback
  (chocolatey-archiveGH-571) Use process id instead of name
  (chocolatey-archiveGH-600) Give maintainer heads up about moderation
  (chocolatey-archiveGH-599) Restrict calls to choco.org to https

Conflicts:
	readme.markdown
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
1 participant
You can’t perform that action at this time.