Screenshots that had https as url currently can get redirected to http without any warnings being raised as it seems curl's get! simply follows https->http.
As this degrades authenticity of the data it would be prudent to at least raise a warning about this and have authors either use http on the url to begin with or ensure the redirect chain does not drop to http. A MITM attack could inject unwanted art into the final data set, making both the distributor and the software look bad.
The text was updated successfully, but these errors were encountered:
Screenshots that had https as url currently can get redirected to http without any warnings being raised as it seems curl's
get!simply follows https->http.As this degrades authenticity of the data it would be prudent to at least raise a warning about this and have authors either use http on the url to begin with or ensure the redirect chain does not drop to http. A MITM attack could inject unwanted art into the final data set, making both the distributor and the software look bad.
The text was updated successfully, but these errors were encountered: