[[[ To any NSA and FBI agents reading my email: please consider ]]] [[[ whether defending the US Constitution against all enemies, ]]] [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> In the case of Savannah, if the user loads the page over HTTPS, they > will be served the login form over HTTPS. That's good, but a redirect > should still otherwise happen. I don't understand what you mean here. Would you please state your proposal concretely in a self-contained way? However, that should be a separate discussion. The question at hand is to make Savannah _fully support HTTPS_, nothing more. > Richard: unless there's a compelling reason not to, I think the > sysadmins or Savannah hackers (whomever has the ablity) should just add > a webserver rule to redirect all requests on port 80 to 443. Would this, by itself, fix the immediate problem? > For > example, if the login form was loaded over HTTPS, but accidentally posts > to an HTTP link, Please spell out that scenario more clearly; I do not follow you. -- Dr Richard Stallman President, Free Software Foundation (gnu.org, fsf.org) Internet Hall-of-Famer (internethalloffame.org) Skype: No way! See stallman.org/skype.html.
