Hiltjo Posthuma:
> I'm not a fan of automatic http to HTTPs redirects. It would break
> support for some text-based clients or some simple scripts as an
> example.
I'm a huge fan of these redirects. A simple 301 Moved Permanently has
been part of RFC 2616 sinde 1999 and anything not able to handle that is
broken:
https://tools.ietf.org/html/rfc2616#section-10.3.2
Can you tell which clients and scripts break and how?
> HSTS support makes sure http to https links are changed on the
> client-side.
Some privacy-settings clean all states on exit, including cookes and
HSTS. And people mostly type domains into an URL bar, not protocols.
--
ilf
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine Initiative des Bundesamtes für Tastaturbenutzung
Received on Thu Aug 31 2017 - 11:36:06 CEST