On 11/09/18 19:05, Philipp Richter wrote:
Hello,
I noticed that accessing patchwork.ozlabs.org did not automatically
redirect to HTTPS. The validation link sent in the e-mail also doesn't
have https:// prepended to it.
This is a bit risky while registering or logging in. This was first
apparent from https://buildroot.org/contribute.html which linked to
the http unsecured patchwork page, they already committed a forced
https:// on the link.
I would strongly suggest forcing a 301 redirect to the https version
of the site in the webserver configuration.
jk and sfr are looking into it. Thanks for pointing this out :)
--
Andrew Donnellan OzLabs, ADL Canberra
andrew.donnel...@au1.ibm.com IBM Australia Limited
_______________________________________________
Patchwork mailing list
Patchwork@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/patchwork
