-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Mark,
On 2/25/20 14:34, Mark Thomas wrote:
> On 25/02/2020 15:53, Felix Schumacher wrote:
>> Hi all,
>>
>> as more and more browsers are marking http as unsecure, we
>> should redirect all http requests to tomcat.apache.org to https.
>
> I really don't like this.
>
> I'm happy to support https for those people that want to use it but
> I see no need to require https for everybody for
> tomcat.apache.org.
>
> We should not be dictating to our users what security / privacy /
> caching / performance / etc. trade-offs are appropriate for them.
> We should support as many options as possible and let our users
> decided.
>
> I'm not quite -1 on this but I am close.

https://www.troyhunt.com/heres-why-your-static-website-needs-https/

- -chris

>> We can enable that by adding a rewrite rule to the .htaccess file
>> in the xdocs folder of our site repo.
>>
>> For JMeter we used the following fragment:
>>
>> RewriteEngine On
>>
>> # Redirect http to https # From Cordova PMC Member raphinesse #
>> https://s.apache.org/An8s
>>
>> # If we receive a forwarded http request from a proxy...
>> RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
>>
>> # ...or just a plain old http request directly from the client
>> RewriteCond %{HTTP:X-Forwarded-Proto} ="" RewriteCond %{HTTPS}
>> !=on
>>
>> # Redirect to https version RewriteRule ^
>> https://%{HTTP_HOST}%{REQUEST_URI} [L]
>>
>> Anything against adding this to our .htaccess file?
>
>
>>
>> Felix
>>
>>
>> ---------------------------------------------------------------------
>>
>>
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: dev-h...@tomcat.apache.org
>>
>
>
> ---------------------------------------------------------------------
>
>
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl5Vh3kACgkQHPApP6U8
pFgktRAAh34aN6pyZaMz2n/Bha81mbNjglrMcxkrEswqMCJM0/8Wbw8hgB+3JArQ
dfIYipA2KTtjEzRgGU74qGcvDnEpTcoWi+csvmU7nwExt2RClmMF/5KqvYi67QZZ
l0klgHATRjNPrPOkvZy8Op0fFS6/bnXzvESS/lusz6aLrqiXRxqDVyDgCiBxzrXr
m2VLdE/re1CyFzcNcNmHUAUNs37/0E2WB1d11OvblE3I9eRb1Vk+FHtsfkDmNEoX
0RE7sQlr12ElMQ3OYOHsErxrxgTD2J/+CXqbMra8sWQ4pgEZPMX/7k5bGyr3IpTh
sOiSR9KNShfJtjKXp2ngJJKbEgDpr4SOYAh5FwGyUKmxflw+nqbc/Zd5bA6H4GNH
27p0Ec2ArCSDM4vlIeYbtBo8xqAuq2ArVywyUVrWog4mk0Hita2OHnp6Y8CFcZwR
hVv2fuFzd9/zueHG1TvLpB86Mr40MS8j2OelAACixECkV8CAo+64hXLLELgl5XXd
wu6J60tKXXgTlcQcoa0h9nm27D3YKLBUnH6CuOxjUGxVHwH6Bmc2OdR5l+FRNHkl
35MEkqCXThXc62/G/sBW4/Kd7bF/A0wYXT8dKYb6p/s4GXZ9yM3sgjQr9N/b0sP0
RukK+6i6vgtsY7xf8eSVtUAgYNyV4ndxpQyYBiyRHVh06nfGgHQ=
=qS1l
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to