Skip to content

Update external links to use https #251

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
konklone merged 5 commits into from
Aug 31, 2018
Merged

Update external links to use https #251

konklone merged 5 commits into from
Aug 31, 2018

Conversation

@anand-bhat
Copy link
Contributor

@anand-bhat anand-bhat commented Aug 31, 2018

No description provided.

@anand-bhat
Use https links
b063537 
Use https links for caniuse.com
@anand-bhat
Use https link
bae6777 
Use https link for nvlpubs.nist.gov
@anand-bhat
Fix dead link
99a2214
@anand-bhat
Use https links
2c2c97e 
Use https links for nvlpubs.nist.gov and social.technet.microsoft.com. Remove redirect for social.technet.microsoft.com
@anand-bhat
Replace dead link
8ebfdae
konklone
konklone approved these changes Aug 31, 2018
View reviewed changes
Copy link
Contributor

@konklone konklone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for catching these!

pages/hsts.md
* [HSTS web developer documentation](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security) maintained by the Mozilla community
* Chrome's [HSTS preload list](https://chromium.googlesource.com/chromium/src/+/master/net/http/transport_security_state_static.json), and their [submission form](https://hstspreload.org).
* ["Upgrading HTTPS in Mid-Air"](https://www.internetsociety.org/sites/default/files/01_4_0.pdf) - A paper analyzing the current detailed practice of HSTS and [HTTP Public Key Pinning](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning), as of November 2014.
* ["Upgrading HTTPS in Mid-Air"](https://www.cs.princeton.edu/research/techreps/TR-986-15) - A paper analyzing the current detailed practice of HSTS and [HTTP Public Key Pinning](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning), as of November 2014.
Copy link
Contributor

@konklone konklone Aug 31, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch, thank you!

pages/guide.md
The use of error codes in the 400's or 500's **will not** satisfy this requirement.

Note that while connections to port 80 are insecure, even for redirects, the use of [HSTS](/hsts/]) will instruct supporting HTTP clients to automatically redirect themselves from port 80 to port 443, without attempting to connect to port 80 over the network.
Note that while connections to port 80 are insecure, even for redirects, the use of [HSTS](/hsts/) will instruct supporting HTTP clients to automatically redirect themselves from port 80 to port 443, without attempting to connect to port 80 over the network.
Copy link
Contributor

@konklone konklone Aug 31, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good eye.

@konklone konklone merged commit c133215 into GSA:master Aug 31, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@konklone konklone konklone approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@anand-bhat @konklone