Currently Mantissa jumps through a lot of hoops to generate URLs with HTTPS when redirecting from HTTP, but only when logging in, etc. These hoops represent some rather outdated ideas about HTTPS; there isn't really any reason to serve only logged in stuff over HTTPS instead of just serving the whole site over HTTPS. I think we should instead have Mantissa only serve Mantissa web functionality over one port (be it HTTP or HTTPS; HTTP behind a TLS terminating proxy is a pretty common use case that we should still support), and if you want HTTP to HTTPS redirection we can have a site that specifically just redirects which you could hook up to an HTTP port.
This would remove the need for Mantissa to look for an SSLPort to redirect to, which currently breaks sites using EndpointPort, which we made the default. Oops.
Currently Mantissa jumps through a lot of hoops to generate URLs with HTTPS when redirecting from HTTP, but only when logging in, etc. These hoops represent some rather outdated ideas about HTTPS; there isn't really any reason to serve only logged in stuff over HTTPS instead of just serving the whole site over HTTPS. I think we should instead have Mantissa only serve Mantissa web functionality over one port (be it HTTP or HTTPS; HTTP behind a TLS terminating proxy is a pretty common use case that we should still support), and if you want HTTP to HTTPS redirection we can have a site that specifically just redirects which you could hook up to an HTTP port.
This would remove the need for Mantissa to look for an
SSLPortto redirect to, which currently breaks sites usingEndpointPort, which we made the default. Oops.