Sujet : Re: broken and insecure links (Was: comp.lang.prolog Frequently Asked Questions)
De : janburse (at) *nospam* fastmail.fm (Mild Shock)
Groupes : comp.lang.prologDate : 20. Sep 2024, 11:19:10
Autres entêtes
Message-ID : <vcjemc$dhdf$1@solani.org>
References : 1 2 3 4 5 6
User-Agent : Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0 SeaMonkey/2.53.19
But its up to the server admin paranoia to
provide HTTPS at all. Your paranoia goes away
if you notice that HTTPS is practially recommended
for example under the EU GDPR or CCPA.
https://gdpr.eu/https://oag.ca.gov/privacy/ccpaMild Shock schrieb:
GIT does also produce a HTTPS warning and
not allow HTTP at all, it works with a HTTP
client that has redirect(true):
$ git clone http://www.dogelog.ch/dogelog/.git
Cloning into 'dogelog'...
warning: redirecting to https://www.dogelog.ch/dogelog/.git/
Fetching objects: 4613, done.
The warning tells me I have a **security glitch**
using initially HTTP, and I should use a HTTPS
link from the start.
Your SWI-Prolog GIT library might suppress this
warning, which is **not ok** in my opinion. To avoid
the warning I directly publish a HTTPS link:
1 GIT Access
For binary files and source code initially:
git clone https://www.dogelog.ch/dogelog/.git
Mild Shock schrieb:
Here is a sketch how this could be checked:
```
http_open(_, _, [final_url(FinalURL)]),
(\+ sub_atom(FinalURL, 0, _, _, 'https:') ->
/* show some warning or even fatal error */
```
[https://www.swi-prolog.org/pldoc/man?predicate=http_open/3](https://www.swi-prolog.org/pldoc/man?predicate=http_open/3) >
>
Or better using the `redirect(false`) http option
from the beginning. Some modern HTTP clients have
even a third `redirect/1` option besides true and
>
false that prevents HTTP to HTTPS promotion.
comp.lang.prolog Frequently Asked Questions
Re: broken and insecure links (Was: comp.lang.prolog Frequently Asked Questions)