Closed AchoArnold closed 9 years ago
Thanks for the PR!
spiderJS reports a 403 error at http://www.bleepingcomputer.com/tutorials/windows-command-prompt-introduction/
Looks like they fixed that.
Why aren't all HTTP requests redirected to use the HTTPS protocol?
I honestly have no idea. Maybe anyone from the infrastructure team can give us an answer? cc @gnarf
Why aren't all HTTP requests redirected to use the HTTPS protocol? I honestly have no idea. Maybe anyone from the infrastructure team can give us an answer? cc @gnarf
First of all, none of the jquery sites have login or anything that requires secure protocols other than jquery.org (which does force https)
Secondly, leaving it as http allows for a bit more caching and less procesor across most of the sites.
The only reason I could think of to force it on for content sites is to avoid MITM stuff.
I'd hapilly enable this on the content sites if y'all want to do and share a little research on best practices and decide we should have it on. @jquery/content
Also regarding jquery/jquery.com#91 that is specifically talking about script and image SRC stuff from cdns
I don't feel like it's needed for us, no. Though you could as well see it as promoting best practises, which I think we should do. Not really sure myself.
We should discuss at next meeting? Solicit feedback on an issue? On Jun 6, 2015 10:00, "Arthur Verschaeve" notifications@github.com wrote:
I don't feel like it's needed for us, no. Though you could as well see it as promoting best practises, which I think we should do. Not really sure myself.
— Reply to this email directly or view it on GitHub https://github.com/jquery/contribute.jquery.org/pull/118#issuecomment-109581472 .
@gnarf On the meeting sounds fine. Dropped it on the notes.
@arschmitz spiderJS reports a 403 error at http://www.bleepingcomputer.com/tutorials/windows-command-prompt-introduction/
Remark
It seems all sites are migrating to HTTPS. As mentioned at https://github.com/jquery/jquery.com/pull/91#issue-63863412, the use of SSL is encouraged. I also noticed that all jQuery sites have valid SSL certificates. Why aren't all HTTP requests redirected to use the HTTPS protocol?
PS: I don't know the best place to raise this issue