search

NaturalDocs / NaturalDocs

Natural Docs source code documentation system
http://www.naturaldocs.org
192 stars 33 forks source link

Hyper links in documentation default to http instead of https #83

Closed michaelbehan closed 1 year ago

michaelbehan commented 1 year ago

Hyperlinks in ND's generated documentation default to the http scheme instead of https. As far as I can tell, all of these can be changed to HTTPS and thus make the experience a bit safer for the user clicking on them.

Sample output from semgrep

indings:

  docs/html/index.html
     html.security.plaintext-http-link.plaintext-http-link
        This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible.
        Details: https://sg.run/RA5q

          9┆  ... <a href="http://www.naturaldocs.org" target="_blank">Generated by Natural Docs</a></div></body></html> ...
          [shortened a long line from output, adjust with --max-chars-per-line]

  docs/html/other/home.html
     html.security.plaintext-http-link.plaintext-http-link
        This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible.
        Details: https://sg.run/RA5q

         13┆  ... <a href="http://www.naturaldocs.org" target="_blank">Generated by Natural Docs</a></div></div></div></div></body></html> ...
          [shortened a long line from output, adjust with --max-chars-per-line]
NaturalDocs commented 1 year ago

Good catch. This has been fixed and will be included in the next release.

michaelbehan commented 1 year ago

Thank you so much!