[openstreetmap-website] Website should redirect HTTP connections to HTTPS (#833)

Tom Hughes notifications at github.com
Fri Nov 14 00:16:40 UTC 2014

To be completely accurate, simply choosing to force all traffic would be an operational issue (it wouldn't be done by changing any code in this repository).

Obviously offering some sort of option would involve code changes here, but because we don't require logins I'm not sure that really works - it works (or did when it was optional) for gmail because everybody has to login but short of using a cookie we would have no way of tracking the preference of a non-logged in user and even using a cookie has some interesting problems (it would have to be a non-secure cookie, but then you're leaking data...).

Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20141113/9b0a0b72/attachment.html>

More information about the rails-dev mailing list