niteshpatel
commented
7 years ago Hi Jochen - I will look into this, and try to merge. Thanks for this
Closed Jochen-A-Fuerbacher closed 7 years ago
niteshpatel
commented
7 years ago Hi Jochen - I will look into this, and try to merge. Thanks for this
niteshpatel
commented
7 years ago Hi Jochen
I had a look at this, and none of the urls automatically redirect to https when I tried them in the browser.
Where did you notice the redirecting behaviour?
-Nitesh
Jochen-A-Fuerbacher
commented
7 years ago Hi Nitesh,
sorry, you are right. I checked those URLs with HTTPS Everywhere enabled. However, all of these URLs support HTTPS. So would'n it be nice to have HTTPS enabled in ministocks? Would be a nice security feature if the users are connected to unsecure public wifi hotspots or so.
Jochen
niteshpatel
commented
7 years ago It's useful that HTTPs is supported on those URLs. I don't believe there's any benefit re. security. If you are on a public wifi hotspot and somehow these requests are getting sniffed, there is likely much more sensitive data also getting sniffed. There isn't enough sensitive data as part of the Ministocks requests in any case.
I may enable HTTPs in the future, but given that HTTP is tried and tested, and both of the Yahoo and Google stock price services are not technically supported for the general public, I am going to err on the side of caution and resist the temptation to change something that is already working.
I appreciate the Pull request though.
There are some http URLs that already redirect to https. To avoid these unnecessary redirects, use https directly.