On Tue, 2014-12-23 at 23:45 -0500, James McCoy wrote:
> Debsources itself isn't something that specifically warrants
> https-only access, so we should enable the amin deploying the code to
> make that choice for herself. Using scheme-relative URLs enables that
> choice.
Using schema-relative URL
On Dec 23, 2014 10:22 PM, "Paul Wise" wrote:
> I think it would be better to link to https only because debian.org
> services redirect all sites to https (except www.d.o but that uses a
> HSTS/CSS trick to redirect to https).
I disagree.
Debsources itself isn't something that specifically warran
On Wed, Dec 24, 2014 at 11:22 AM, Paul Wise wrote:
> I think it would be better to link to https only because debian.org
> services redirect all sites to https (except www.d.o but that uses a
> HSTS/CSS trick to redirect to https). I'll submit a patch to do that.
Attached.
--
bye,
pabs
https:/
On Wed, Dec 24, 2014 at 1:19 AM, Stefano Zacchiroli wrote:
> I've converted to scheme-relative all URLs that, upon manual checking of
> their https:// variant, led to SSL-enabled web sites with valid
> certificates. If anyone checks, please let me know if I've missed some.
I think it would be bet
On Tue, Dec 23, 2014 at 11:50:28AM -0500, James McCoy wrote:
> Would that just be a matter of using scheme-relative links (i.e., href="//foo">)?
Actually, yes! I was assuming that something more complex was needed,
but apparently scheme-relative URLs are enough for our case. So now the
browser is
On Tue, Dec 23, 2014 at 05:22:21PM +0100, Stefano Zacchiroli wrote:
> On Mon, Dec 08, 2014 at 11:42:40PM +0800, Paul Wise wrote:
> > Please add an SSL certificate signed by the CAs so that users visiting
> > the site over SSL don't get warnings from their browsers.
>
> This has now been done.
>
>
Package: qa.debian.org
Severity: normal
User: qa.debian@packages.debian.org
Usertags: debsources
Please add an SSL certificate signed by the CAs so that users visiting
the site over SSL don't get warnings from their browsers. There are 3
CAs offering gratis certs, GlobalSign's offer seems the
7 matches
Mail list logo
