New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
https #72
Comments
Agreed! I would really like webcompat to support HTTPS and redirect HTTP to HTTPS. |
Can this be given higher priority? Perhaps through Mozilla's IT? It's really bad to have a site that has a login box and accepts potentially sensitive information without TLS/HSTS. |
@annevk which sensitive information are you thinking about? |
Well, a user's login credentials. Sites a user wants to report. |
Yeah, thanks for a reminder--probably won't be able to tackle this until next week with conference travel starting tomorrow though. |
Was feeling lazy when thinking about tasks I should be working on, so I worked on this instead. The only complication is that I didn't add the
Not really worried about staging, because that's behind HTTP basic auth and is just a place for core contributors to test out things. But having protocol differences between staging and production is not ideal. But we need to figure out what to do with planet. The solution might just be to pony up the $59.99 for a 2 year Class 2 with wildcard/subdomain support. |
Filed #303 for the subdomain stuff. |
Should probably serve webcompat.com over https by default.
The text was updated successfully, but these errors were encountered: