search

OpenRA / OpenRAWeb

The former source for the official OpenRA website.
http://www.openra.net
47 stars 34 forks source link

HTTPS for openra.net #372

Open xan2622 opened 6 years ago

xan2622 commented 6 years ago

Starting in July, Google Chrome will mark all HTTP sites as “not secure".

https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html https://nakedsecurity.sophos.com/2018/01/17/firefox-locks-down-its-future-with-https-secure-contexts/

It might be interesting to move http://www.openra.net to https as well. See also: https://letsencrypt.org

Echolon commented 6 years ago

Yes, just opened an issue for the same reason at the wrong place :/

pchote commented 6 years ago

The main website is hosted on Github Pages, which still doesn't support https for custom domains.

Echolon commented 6 years ago

Support said they will make a +1 in their internal Feature Request List and alternatively named this link https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/

But I think this is not of your interest.... Guess we need to wait for it :/

pchote commented 6 years ago

Github have finally announced support for https on custom domains: https://blog.github.com/2018-05-01-github-pages-custom-domains-https/

https://www.openra.net/ already kind of works, and we can look into fixing the remaining issues and setting up the http -> https redirects when time allows.

Echolon commented 6 years ago

Ouh yeah, I made it :)

pchote commented 6 years ago

https is now enforced for www.openra.net.

pchote commented 6 years ago

Enforcing https broke the ingame asset downloads on windows 10, so I have had to disable that option. Reopening ticket so that someone else doesn't unknowingly enable that option again until the cause can be identified and fixed.

https will still work, it just won't force redirect standard http to use it.

pchote commented 6 years ago

I expect https://github.com/OpenRA/OpenRA/pull/15519 should fix the asset downloads, so we should be able to reenable this after the next release.

Echolon commented 6 years ago

You're still my beloved mod project :smiley:

anjew175 commented 5 years ago

I assume this issue is fixed?

Echolon commented 5 years ago

Not forced

On May 30, 2019 8:19:21 PM GMT+02:00, anjew175 notifications@github.com wrote:

I assume this issue is fixed?

-- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/OpenRA/OpenRAWeb/issues/372#issuecomment-497431065