[aur-general] aur website default ssl
Loui Chang
louipc.ist at gmail.com
Wed Oct 27 20:27:24 EDT 2010
On Wed 27 Oct 2010 14:14 +0200, Pierre Schmitz wrote:
> On Wed, 27 Oct 2010 11:40:19 +0300, Ionuț Bîru <ibiru at archlinux.org>
> wrote:
> > As i said earlier in a reply to Loui, maybe we can do it
> > better.Having https only for login and then redirecting to http is
> > like not having it at all.
>
> Simply using https for all connections is the easiest and best solution
> imho. Everything in between is either insecure or inconvenient for the
> users. And I also don't see the need for it. Every sane http client
> should handle a http redirect and https. If it does not it's just a bug
> in the client. Of course it is unfortunate that this wasn't tested by
> the clyde author before.
I would appreciate if you consult aur-dev before making changes to the
AUR. Can you please describe how you made this change, and how we can
enable normal http?
More information about the aur-general
mailing list