Date: Fri, 03 Apr 2015 01:28:51 -0700 From: Mel Pilgrim <list_freebsd@bluerosetech.com> To: Nino J <nino80@gmail.com>, User Questions <freebsd-questions@freebsd.org> Subject: Re: Why does FreeBSD insist on https? Message-ID: <551E4F43.1060109@bluerosetech.com> In-Reply-To: <CALf6cgYFZBwy=SOcaayuP90jjGdvZt2aghYeCX0iTweceXXrEA@mail.gmail.com> References: <CAA3ZYrD_2AaDfW3oJ-NFt333DrjOwgBR-8bbqH0eVZGL6Y_5WQ@mail.gmail.com> <551DA84D.8030205@gmail.com> <20150402222539.37e330f8@gumby.homeunix.com> <551DC4F7.5090005@gmail.com> <CALf6cgYFZBwy=SOcaayuP90jjGdvZt2aghYeCX0iTweceXXrEA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2015-04-03 00:32, Nino J wrote: > Just bear in mind that the OP mentioned redirect to https. That means that > the initial request to the exact URL (i.e. before being redirected and > switching to https) is visible. Which is why we have HSTS. Packaged HSTS lists prevent the browser from ever sending an uncrypted URL.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?551E4F43.1060109>