Default HTTPS redirect to 301 #13
Comments
|
We could add a flag for no bc break required |
|
A flag would make sense.
…On Thu, Aug 2, 2018 at 11:00 AM, Brian Gantick ***@***.***> wrote:
We could add a flag for permanent: http://nginx.org/en/docs/http/
ngx_http_rewrite_module.html#rewrite
no bc break required
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#13 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAB9fZ4xC3g-OB8EAMDEZNCGcG1uh-Kkks5uMxQOgaJpZM4Vsc-R>
.
--
*THOMAS BOUTELL, CHIEF SOFTWARE ARCHITECT*
P'UNK AVENUE | (215) 755-1330 | punkave.com
|
|
I agree that this should be a permanent redirect. I don't think the user needs to be able to configure if this is temporary or permanent. If this is considered a bc break, hmmm, per definition yes, but one can also argue that it was a bug, as the correct redirect would be permanent, and side effects (once you go https it's damn hard to go back to non-https)? Can anyone think of any any side effects that it will now start doing it correct? |
|
I'm sold that it should be a 301.
…On Fri, Aug 10, 2018 at 9:27 PM, houmark ***@***.***> wrote:
I agree that this should be a permanent redirect. I don't think the user
needs to be able to configure if this is temporary or permanent.
If this is considered a bc break, hmmm, per definition yes, but one can
also argue that it was a bug, as the correct redirect would be permanent,
and side effects (once you go https it's damn hard to go back to
non-https)? Can anyone think of any any side effects that it will now start
doing it correct?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#13 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAB9fYLJvRa8kUDlCHgSh1nLIvnKecnPks5uPjLngaJpZM4Vsc-R>
.
--
*THOMAS BOUTELL, CHIEF SOFTWARE ARCHITECT*
P'UNK AVENUE | (215) 755-1330 | punkave.com
|
|
i.e. that it is not a bc break.
…On Mon, Aug 13, 2018 at 9:22 AM, Tom Boutell ***@***.***> wrote:
I'm sold that it should be a 301.
On Fri, Aug 10, 2018 at 9:27 PM, houmark ***@***.***> wrote:
> I agree that this should be a permanent redirect. I don't think the user
> needs to be able to configure if this is temporary or permanent.
>
> If this is considered a bc break, hmmm, per definition yes, but one can
> also argue that it was a bug, as the correct redirect would be permanent,
> and side effects (once you go https it's damn hard to go back to
> non-https)? Can anyone think of any any side effects that it will now start
> doing it correct?
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#13 (comment)>,
> or mute the thread
> <https://github.com/notifications/unsubscribe-auth/AAB9fYLJvRa8kUDlCHgSh1nLIvnKecnPks5uPjLngaJpZM4Vsc-R>
> .
>
--
*THOMAS BOUTELL, CHIEF SOFTWARE ARCHITECT*
P'UNK AVENUE | (215) 755-1330 | punkave.com
--
*THOMAS BOUTELL, CHIEF SOFTWARE ARCHITECT*
P'UNK AVENUE | (215) 755-1330 | punkave.com
|
|
Actually this should be a flag. If you think you're ready to generate a cert, but you're mistaken, then you're in a world of hurt if you can't change your mind about this until it's proven solid. |
This would be for the
--redirect-to-https=trueflag. Given this is a utility would that be a BC break? I can imagine edge cases.@austinstarin brought this up in P'unk Slack today. At least this should be an option to pass. No reason I can see why an HTTP to HTTPS redirect should be temporary these days.
The text was updated successfully, but these errors were encountered: