search

jquery / contribute.jquery.org

Developer documentation common to jQuery projects
https://contribute.jquery.org
Other
25 stars 76 forks source link

Fixed some bad links #118

Closed AchoArnold closed 9 years ago

AchoArnold commented 9 years ago

@arschmitz spiderJS reports a 403 error at http://www.bleepingcomputer.com/tutorials/windows-command-prompt-introduction/

Remark

It seems all sites are migrating to HTTPS. As mentioned at https://github.com/jquery/jquery.com/pull/91#issue-63863412, the use of SSL is encouraged. I also noticed that all jQuery sites have valid SSL certificates. Why aren't all HTTP requests redirected to use the HTTPS protocol?

PS: I don't know the best place to raise this issue

arthurvr commented 9 years ago

Thanks for the PR!

spiderJS reports a 403 error at http://www.bleepingcomputer.com/tutorials/windows-command-prompt-introduction/

Looks like they fixed that.

Why aren't all HTTP requests redirected to use the HTTPS protocol?

I honestly have no idea. Maybe anyone from the infrastructure team can give us an answer? cc @gnarf

gnarf commented 9 years ago

Why aren't all HTTP requests redirected to use the HTTPS protocol? I honestly have no idea. Maybe anyone from the infrastructure team can give us an answer? cc @gnarf

First of all, none of the jquery sites have login or anything that requires secure protocols other than jquery.org (which does force https)

Secondly, leaving it as http allows for a bit more caching and less procesor across most of the sites.

The only reason I could think of to force it on for content sites is to avoid MITM stuff.

I'd hapilly enable this on the content sites if y'all want to do and share a little research on best practices and decide we should have it on. @jquery/content

gnarf commented 9 years ago

Also regarding jquery/jquery.com#91 that is specifically talking about script and image SRC stuff from cdns

arthurvr commented 9 years ago

I don't feel like it's needed for us, no. Though you could as well see it as promoting best practises, which I think we should do. Not really sure myself.

gnarf commented 9 years ago

We should discuss at next meeting? Solicit feedback on an issue? On Jun 6, 2015 10:00, "Arthur Verschaeve" notifications@github.com wrote:

I don't feel like it's needed for us, no. Though you could as well see it as promoting best practises, which I think we should do. Not really sure myself.

— Reply to this email directly or view it on GitHub https://github.com/jquery/contribute.jquery.org/pull/118#issuecomment-109581472 .

arthurvr commented 9 years ago

@gnarf On the meeting sounds fine. Dropped it on the notes.