On Tue, 2014-12-23 at 23:45 -0500, James McCoy wrote: > Debsources itself isn't something that specifically warrants > https-only access, so we should enable the amin deploying the code to > make that choice for herself. Using scheme-relative URLs enables that > choice. Using schema-relative URLs makes sense for debsources itself since we can't know which protocol the sysadmin will make it available over. Hence why the patch I posted didn't change debsources URLs. > Debian has chosen to use https, so our instance of the service can be > configured at the httpd level to only allow https access. Ack, Stefano, could you redirect http URLs to https? -- bye, pabs https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part