[pmwiki-users] Https and ShortUrl

kirpi at kirpi.it kirpi at kirpi.it
Wed Feb 22 18:08:17 CST 2017

Thanks Petko!

As far as I can tell, there is actually a strong flow all around us,
heading to draw *all* connections under the https protocol. That is,
not only (in our case) the Pmwiki "folder" but as much as possible of
any website.

All the major browsers now show with growing vehemence, with both text
and symbols, when a page is not safe, and in some instances the
wording I saw were really threatening for any casual user. And again,
this happens even if a single (no matter how secondary, let's say an
ancillary script, or an image) component of any page is not served
securely with https. It's really a stressing business to "debug", and
more of it for people not too skilled in the matter. So, I believe it
would be better and easier to try and serve a whole website on https
by default.

I feel really puzzled, Petko: your script idea is interesting but why
strenghtening the door if I then leave the windows spread open? If I
understand right, anybody will circumvent the https shield just by
disabling javascript. Or am I wrong?
I am thinking about the matter (having little knowledge) since a
couple of days and I am not sure how to move.

One way or the other, I am afraid that me should face the need to
(sooner or later, better sooner) let our websites be accessible on
https by default.


More information about the pmwiki-users mailing list