Matthias Wimmer writes: > Especially it does not indicate, that every resource available on a > given HTTP URI is also available on the corresponding HTTPS URI.
That possibility is a reason not to create redirections automatically, since historically we've had a number of examples of sites where the content on the HTTPS site was entirely different from the content on the HTTP site. A classic example was the LiveJournal site, where at one point HTTPS access was available, but only for users who had accounts, and not for people who wished to read the site content anonymously. (This isn't true for LiveJournal anymore, but I still think of it as a representative example of how the HTTPS and HTTP sites can be different. Another example could be sites where the HTTPS version is only an administrative interface for the site owner to edit the site's content.) -- Seth Schoen <[email protected]> Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 _______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
