Thanks to the new SSL/TLS certificates for HTTPS on www.FreeBSD.org, wiki.FreeBSD.org, svnweb.FreeBSD.org, and lists.FreeBSD.org (as noted in https://lists.freebsd.org/pipermail/freebsd-announce/2013-January/001452.html), visitors can enjoy improved security therein. However, links from one sub-domain to another, and in some cases within a given site, revert to unsecured HTTP. In addition to the "How to repeat..." examples below, some other affected links I know of include: mirror selection, security advisories and errata notices, on the home page; "View or search problem reports" from Bug Reports; "browse" link from the mailing lists page, and then from a listinfo page to the associated archives; embedded man page references from all over (e.g. the Handbook); and submitting this very form. How-To-Repeat: - Browse to https://www.freebsd.org/ - Do one of the following: -- Use the search tool -- Navigate using the main menus to Documentation->Manual Pages -- ... Community->Forums -- ... Developers->* -- ... Support->Security Information -- ... Support->Bug Reports -- Etc
Responsible Changed From-To: freebsd-www->freebsd-doc redirect to doc, also, should we make links on the htdocs/ frontend just mention the /location.file instead of http://www.freebsd.org/ so that this behaviour is no longer seen?
Another method that has become common in recent years is <a href="//www.freebsd.org/blah/blah"> Which will keep the current protocol, be that HTTP or HTTPS Although I am not sure how some of the more basic browsers like lynx might handle that. Google et all use it for including javascript to avoid 'mixed content'. -- Allan Jude
How can I help move this along?
So far, all the links mentions in this report are using now HTTPS. Lets close it.