Context Navigation

+0
← Previous Ticket
Next Ticket →

#6981 open defect

HTTPS redirect for Trac missing

Reported by:	slhck	Owned by:
Priority:	normal	Component:	trac
Version:	unspecified	Keywords:
Cc:	val.zapod.vz@gmail.com	Blocked By:
Blocking:		Reproduced by developer:	no
Analyzed by developer:	no

Description

I noticed that when you open http://trac.ffmpeg.org it doesn't auto-forward you to https://trac.ffmpeg.org, making logins insecure and exposing user passwords and other activity in cleartext.

It'd be great if you could change the server config to always redirect such requests, as is common security practice these days.

Change History (2)

comment:1 by Balling, 3 years ago

Cc:	val.zapod.vz@gmail.com added
Status:	new → open

Yes, nice one.

comment:2 by llogan, 14 months ago

Also see #7765.

Note: See TracTickets for help on using tickets.

Download in other formats:

RSS Feed
Comma-delimited Text
Tab-delimited Text