Thanks to the new SSL/TLS certificates for HTTPS on www.FreeBSD.org,
wiki.FreeBSD.org, svnweb.FreeBSD.org, and lists.FreeBSD.org (as noted in https://lists.freebsd.org/pipermail/freebsd-announce/2013-January/001452.html), visitors can enjoy improved security therein. However, links from one sub-domain to another, and in some cases within a given site, revert to unsecured HTTP.
In addition to the "How to repeat..." examples below, some other affected links I know of include: mirror selection, security advisories and errata notices, on the home page; "View or search problem reports" from Bug Reports; "browse" link from the mailing lists page, and then from a listinfo page to the associated archives; embedded man page references from all over (e.g. the Handbook); and submitting this very form.
How-To-Repeat: - Browse to https://www.freebsd.org/
- Do one of the following:
-- Use the search tool
-- Navigate using the main menus to Documentation->Manual Pages
-- ... Community->Forums
-- ... Developers->*
-- ... Support->Security Information
-- ... Support->Bug Reports
redirect to doc, also, should we make links on the htdocs/ frontend
just mention the /location.file instead of http://www.freebsd.org/
so that this behaviour is no longer seen?
Another method that has become common in recent years is
Which will keep the current protocol, be that HTTP or HTTPS
Although I am not sure how some of the more basic browsers like lynx
avoid 'mixed content'.
How can I help move this along?
So far, all the links mentions in this report are using now HTTPS. Lets close it.