Path: ...!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: Mild Shock <janburse@fastmail.fm>
Newsgroups: comp.lang.prolog
Subject: Re: broken and insecure links (Was: comp.lang.prolog Frequently Asked Questions)
Date: Fri, 20 Sep 2024 11:19:10 +0200
Message-ID: <vcjemc$dhdf$1@solani.org>
References: <18c37160924.070003@logic.at> <vcja71$df34$1@solani.org> <vcjcco$g1tk$1@solani.org> <vcjcgo$g1tk$2@solani.org> <vcjcrc$g28h$1@solani.org> <vcjdhl$dgun$1@solani.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 20 Sep 2024 09:19:08 -0000 (UTC)
Injection-Info: solani.org; logging-data="443823"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0 SeaMonkey/2.53.19
Cancel-Lock: sha1:k/B8cP3HrE/yH9TrwDFils1leX8=
In-Reply-To: <vcjdhl$dgun$1@solani.org>
X-User-ID: eJwFwQcBwDAMAzBKTeucwckzfwiT9JlYO0wNSiWI7/pRuR1Wtyu6Dufj1giQ2539wukB9z25MlC/nsRy3g9kLBZa
Bytes: 2742
Lines: 47

But it's up to the server admin paranoia to provide
HTTPS at all. Your paranoia goes away if you notice
that HTTPS is practically recommended for example
under the EU GDPR or CCPA.

https://gdpr.eu/
https://oag.ca.gov/privacy/ccpa

Mild Shock wrote:
> GIT does also produce a HTTPS warning and
> not allow HTTP at all, it works with a HTTP
> client that has redirect(true):
>
> $ git clone http://www.dogelog.ch/dogelog/.git
> Cloning into 'dogelog'...
> warning: redirecting to https://www.dogelog.ch/dogelog/.git/
> Fetching objects: 4613, done.
>
> The warning tells me I have a **security glitch**
> using initially HTTP, and I should use a HTTPS
> link from the start.
>
> Your SWI-Prolog GIT library might suppress this
> warning, which is **not ok** in my opinion. To avoid
> the warning I directly publish a HTTPS link:
>
> 1 GIT Access
> For binary files and source code initially:
> git clone https://www.dogelog.ch/dogelog/.git
>
> Mild Shock wrote:
>> Here is a sketch how this could be checked:
>> ```
>> http_open(_, _, [final_url(FinalURL)]),
>> (   \+ sub_atom(FinalURL, 0, _, _, 'https:')
>> ->  true /* show some warning or even fatal error */
>> ;   true
>> )
>> ```
>> https://www.swi-prolog.org/pldoc/man?predicate=http_open/3
>>
>> Or better using the `redirect(false)` http option
>> from the beginning. Some modern HTTP clients have
>> even a third `redirect/1` option besides true and
>> false that prevents HTTP to HTTPS promotion.
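
An added example, not part of the original post or of SWI-Prolog's own code: one way to enforce in SWI-Prolog what the thread asks for, rejecting a plain-HTTP URL before any request is sent and checking every redirect target by following hops manually with `redirect(false)` instead of only inspecting `final_url/1` afterwards. The predicate names `https_open/2`, `https_open/3` and `require_https/1`, the limit of 5 hops and the choice of error terms are assumptions.

```prolog
:- use_module(library(http/http_open)).
:- use_module(library(http/http_ssl_plugin)).  % https support for http_open/3
:- use_module(library(uri)).
:- use_module(library(error)).

%!  https_open(+URL, -Stream) is det.
%   Open URL only if it and every redirect target use the https scheme.
%   Hypothetical wrapper; follows at most 5 redirects (assumed limit).
https_open(URL, Stream) :-
    https_open(URL, Stream, 5).

https_open(URL, Stream, Hops) :-
    require_https(URL),                  % checked before any request is sent
    http_open(URL, Stream0,
              [ redirect(false),         % never follow a 3xx automatically
                status_code(Code),       % needed to see the 3xx reply
                header(location, Location)
              ]),
    (   memberchk(Code, [301, 302, 303, 307, 308])
    ->  close(Stream0),
        (   Hops > 0
        ->  true
        ;   resource_error(http_redirects)
        ),
        uri_resolve(Location, URL, Next),  % Location may be relative
        Hops1 is Hops - 1,
        https_open(Next, Stream, Hops1)    % Next is re-checked on entry
    ;   between(200, 299, Code)
    ->  Stream = Stream0
    ;   close(Stream0),                  % status_code/1 disables 4xx/5xx errors
        domain_error(http_success_status, Code)
    ).

%!  require_https(+URL) is det.
%   Throw a permission error unless the URL scheme is exactly https.
%   A URL with no scheme, or any other scheme, is rejected.
require_https(URL) :-
    uri_components(URL, Components),
    uri_data(scheme, Components, Scheme),
    (   Scheme == https
    ->  true
    ;   permission_error(open, insecure_url, URL)
    ).
```

Called as `https_open('http://www.dogelog.ch/dogelog/.git', S)`, this throws the permission error without contacting the server, so the HTTP to HTTPS promotion that git only warns about never happens.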