Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Consider changing URLs to https in docs #91838

Open
Jean-Abou-Samra opened this issue Apr 22, 2022 · 5 comments
Open

Consider changing URLs to https in docs #91838

Jean-Abou-Samra opened this issue Apr 22, 2022 · 5 comments
Assignees
Labels
docs

Comments

@Jean-Abou-Samra
Copy link
Contributor

Jean-Abou-Samra commented Apr 22, 2022

Many URLs in the documentation are using the HTTP protocol:

cpython/Doc$ git grep "http://" | wc -l
460
cpython/Doc$ git grep "https://" | wc -l
805

A number of these could be converted to HTTPS. If this would be welcome, I am willing to open a PR for that, converting them with a script that checks if the HTTPS equivalent is reachable.

@Jean-Abou-Samra Jean-Abou-Samra added the docs label Apr 22, 2022
@serhiy-storchaka
Copy link
Member

serhiy-storchaka commented Apr 22, 2022

AFAIK many URLs were converted to HTTPS several years ago. These that left are URLs which do not work with HTTPS or redirect to HTTP. Things could changed since and more URLs could be now converted to HTTPS, but you should test that it is a canonical representation. Not only that the HTTPS equivalent is reachable, but that it is not a redirection to HTTP.

@slateny
Copy link
Contributor

slateny commented Jul 30, 2022

What would be the concern if links converted to https redirects to http?

@serhiy-storchaka
Copy link
Member

serhiy-storchaka commented Jul 31, 2022

It does not have advantages over keeping the HTTP link, but it would mislead the user.

@Jean-Abou-Samra, if you are willing to open a PR for that, please go ahead, but test also that the replacements are meaningful. Otherwise I'll close this issue.

@serhiy-storchaka serhiy-storchaka added the pending label Jul 31, 2022
@Jean-Abou-Samra
Copy link
Contributor Author

Jean-Abou-Samra commented Jul 31, 2022

@slateny slateny closed this as not planned Aug 1, 2022
serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this issue Aug 1, 2022
…to HTTPS

If an HTTP link is redirected to a same looking HTTPS link, the latter can
be used directly without changes in readability and behavior.
It protects from a men-in-the-middle attack.

This change does not affect Python examples.
@serhiy-storchaka
Copy link
Member

serhiy-storchaka commented Aug 1, 2022

I already started a work for the most harmless changes.

@serhiy-storchaka serhiy-storchaka removed the pending label Aug 1, 2022
@serhiy-storchaka serhiy-storchaka self-assigned this Aug 1, 2022
serhiy-storchaka added a commit that referenced this issue Aug 4, 2022
…PS (GH-95527)

If an HTTP link is redirected to a same looking HTTPS link, the latter can
be used directly without changes in readability and behavior.
It protects from a men-in-the-middle attack.

This change does not affect Python examples.
serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this issue Aug 4, 2022
…direct to HTTPS (pythonGH-95527)

If an HTTP link is redirected to a same looking HTTPS link, the latter can
be used directly without changes in readability and behavior.
It protects from a men-in-the-middle attack.

This change does not affect Python examples..
(cherry picked from commit f79547a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this issue Aug 4, 2022
…to HTTPS (pythonGH-95527)

If an HTTP link is redirected to a same looking HTTPS link, the latter can
be used directly without changes in readability and behavior.
It protects from a men-in-the-middle attack.

This change does not affect Python examples.
serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this issue Aug 4, 2022
…direct to HTTPS (pythonGH-95527)

If an HTTP link is redirected to a same looking HTTPS link, the latter can
be used directly without changes in readability and behavior.
It protects from a men-in-the-middle attack.

This change does not affect Python examples..
(cherry picked from commit f79547a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka added a commit that referenced this issue Aug 4, 2022
… to HTTPS (GH-95527) (GH-95643)

If an HTTP link is redirected to a same looking HTTPS link, the latter can
be used directly without changes in readability and behavior.
It protects from a men-in-the-middle attack.

This change does not affect Python examples..
(cherry picked from commit f79547a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka added a commit that referenced this issue Aug 4, 2022
… to HTTPS (GH-95527) (GH-95644)

If an HTTP link is redirected to a same looking HTTPS link, the latter can
be used directly without changes in readability and behavior.
It protects from a men-in-the-middle attack.

This change does not affect Python examples..
(cherry picked from commit f79547a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this issue Aug 4, 2022
It updates links which redirect to HTTPS with different authority or
path.
serhiy-storchaka added a commit that referenced this issue Aug 4, 2022
It updates links which redirect to HTTPS with different authority or
path.
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Aug 4, 2022
…95642)

It updates links which redirect to HTTPS with different authority or
path.
(cherry picked from commit d0d0154)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Aug 4, 2022
…95642)

It updates links which redirect to HTTPS with different authority or
path.
(cherry picked from commit d0d0154)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this issue Aug 4, 2022
miss-islington added a commit that referenced this issue Aug 4, 2022
It updates links which redirect to HTTPS with different authority or
path.
(cherry picked from commit d0d0154)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
miss-islington added a commit that referenced this issue Aug 4, 2022
It updates links which redirect to HTTPS with different authority or
path.
(cherry picked from commit d0d0154)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Aug 8, 2022
…onGH-95650)

(cherry picked from commit cc9160a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka added a commit to serhiy-storchaka/cpython that referenced this issue Aug 8, 2022
pythonGH-95650).

(cherry picked from commit cc9160a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
serhiy-storchaka added a commit that referenced this issue Aug 8, 2022
…95650). (GH-95786)

(cherry picked from commit cc9160a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
ambv pushed a commit that referenced this issue Aug 10, 2022
…H-95780)

(cherry picked from commit cc9160a)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
docs
Projects
None yet
Development

No branches or pull requests

3 participants