[Python-Dev] HTTPS on bugs.python.org (original) (raw)
INADA Naoki songofacandy at gmail.com
Thu Sep 7 23:13:33 EDT 2017
- Previous message (by thread): [Python-Dev] HTTPS on bugs.python.org
- Next message (by thread): [Python-Dev] Summary of Python tracker Issues
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Fixed. Thanks to infra team. http://psf.upfronthosting.co.za/roundup/meta/issue638
INADA Naoki <songofacandy at gmail.com>
On Fri, Sep 1, 2017 at 9:57 PM, Victor Stinner <victor.stinner at gmail.com> wrote:
Hi,
When I go to http://bugs.python.org/ Firefox warns me that the form on the left to login (user, password) sends data in clear text (HTTP). Ok, I switch manually to HTTPS: add "s" in "http://" of the URL. I log in. I go to an issue using HTTPS like https://bugs.python.org/issue31250 I modify an issue using the form and click on [Submit Changes] (or just press Enter): I'm back to HTTP. Truncated URL: http://bugs.python.org/issue31250?@okmessage=msg%20301099%20created%... Hum, again I switch manually to HTTPS by modifying the URL: https://bugs.python.org/issue31250?@okmessage=msg%20301099%20created%... I click on the "clear this message" link: oops, I'm back to the HTTP world... http://bugs.python.org/issue31250 So, would it be possible to enforce HTTPS on the bug tracker? The best would be to always generate HTTPS urls and maybe redirect HTTP to HTTPS. Sorry, I don't know what are the best practices. For example, should we use HTTPS only cookies? Victor
Python-Dev mailing list Python-Dev at python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/songofacandy%40gmail.com
- Previous message (by thread): [Python-Dev] HTTPS on bugs.python.org
- Next message (by thread): [Python-Dev] Summary of Python tracker Issues
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]