Sorry, took a look at this a while back when I didn't have time to
fully work through it...and then forgot about it. ;-/

On 2020-02-12 04:34, Aham Brahmasmi wrote:
> Namaste misc,
> Overview:
> Certain https URLs on get downgraded to http in redirection.
> Steps:
> When navigating to [1] from a
> browser, one ends up on
> Same with [1], which ends up on

I Google for "openbsd man", I end up with a link to 
and it takes me to via httpS.

I for "openbsd man", same thing.
(yay.  I just used a website as a verb.)

Google does seem to show a link for httpS://, but
tosses the browser at DuckDuckGo does not
and does what you would expect and hope.

Looking at the page source for the google return, it DOES appear to
be sending the browser to http://, so everything is working as
designed.  Is there a problem?  Yes -- google is aware https:// 
those sites exists, but doesn't actually send users to them.
Apparently your favorite search engine does as well.  Perhaps it
isn't as privacy friendly as you are thinking it is.  The problem
isn't with the websites, it's with where the search engine is 
sending the user.

You want it changed so that when someone clicks on a link, they go
somewhere OTHER than where that link sends them?  I understand your
goal (everything should be HTTPS!!), but I don't really like the
idea of "click here, go elsewhere".

Want https? great. use it.  There are times when it's handy to NOT
be obsessed with https (i.e., clock is hosed on your computer).  

So ... unless some developer I really respect (which is just about
all of them1) tells me to change this, I'm not planning on
changing the behavior of the machines.


Reply via email to