GNU bug report logs - #56512
URLs in coreutils manuals documentation should use HTTPS

Previous Next

Package: coreutils;

Reported by: Ronak B <ronakworks <at> gmail.com>

Date: Tue, 12 Jul 2022 05:20:02 UTC

Owned by: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ronak B <ronakworks <at> gmail.com>
To: 56512 <at> debbugs.gnu.org
Subject: bug#56512: gnu.org does not redirect http to https
Date: Mon, 11 Jul 2022 19:45:38 -0500

[Message part 1 (text/plain, inline)]
Hi, I noticed today when I typed "man cat" and clicked on the "http://"
link in the man page that it did not redirect my browser from http to https.

$ curl -I http://www.gnu.org/software/coreutils/
HTTP/1.1 200 OK
Date: Tue, 12 Jul 2022 00:42:26 GMT
Server: Apache/2.4.29
Content-Location: coreutils.html
Vary: negotiate,Accept-Encoding
TCN: choice
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: (null)
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Tue, 12 Jul 2022 00:42:26 GMT
Content-Type: text/html
Content-Language: en

I also noticed this previous recent issue where this was resolved using an
nginx redirect from port 80 to 443 for *.guix.info

https://issues.guix.gnu.org/37348

Could we do this for all *.gnu.org too ?

After the domain and all of its subdomains are on HTTPS, then gnu.org can
also be added to the HSTS preload list.

https://hstspreload.org/

Best,
Ronak

[Message part 2 (text/html, inline)]
This bug report was last modified 2 years and 305 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.