GNU bug report logs -
#56512
URLs in coreutils manuals documentation should use HTTPS
Previous Next
Full log
Message #8 received at 56512 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Ronak,
Guix does not control the infrastructure behind the GNU project. You need to contact the GNU sysadmins, though I don't know how :)
Le 12 juillet 2022 02:45:38 GMT+02:00, Ronak B <ronakworks <at> gmail.com> a écrit :
>Hi, I noticed today when I typed "man cat" and clicked on the "http://"
>link in the man page that it did not redirect my browser from http to https.
>
>$ curl -I http://www.gnu.org/software/coreutils/
>HTTP/1.1 200 OK
>Date: Tue, 12 Jul 2022 00:42:26 GMT
>Server: Apache/2.4.29
>Content-Location: coreutils.html
>Vary: negotiate,Accept-Encoding
>TCN: choice
>Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
>X-Frame-Options: sameorigin
>X-Content-Type-Options: nosniff
>Access-Control-Allow-Origin: (null)
>Accept-Ranges: bytes
>Cache-Control: max-age=0
>Expires: Tue, 12 Jul 2022 00:42:26 GMT
>Content-Type: text/html
>Content-Language: en
>
>I also noticed this previous recent issue where this was resolved using an
>nginx redirect from port 80 to 443 for *.guix.info
>
>https://issues.guix.gnu.org/37348
>
>Could we do this for all *.gnu.org too ?
>
>After the domain and all of its subdomains are on HTTPS, then gnu.org can
>also be added to the HSTS preload list.
>
>https://hstspreload.org/
>
>Best,
>Ronak
[Message part 2 (text/html, inline)]
This bug report was last modified 2 years and 305 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.