Closed Bug 675177 Opened 14 years ago Closed 14 years ago

Add secure http redirects for https://*.s.m.c/

Categories

(Cloud Services :: Operations: Miscellaneous, task)

Product:
Cloud Services
Component:
Operations: Miscellaneous
Platform:
x86
macOS
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: igarcia, Unassigned)

Details

(Whiteboard: [qa-])

http://account.services.mozilla.com/ Returns an error. Can we redirect it to the https:// version?
Moving to ops, since this is really a nginx/zeus change
Component: Server: Account Portal → Operations: Deployment Requests
QA Contact: account-portal → operations-deploy-requests
We are technically capable of doing so, but traditionally do not publish non-HTTP. Leaving open for future consideration.
Severity: normal → enhancement
Component: Operations: Deployment Requests → Operations
QA Contact: operations-deploy-requests → operations
Summary: Account portal http version doesn't work → Add secure http redirects for https://*.s.m.c/
HSTS is enabled for all of our SSL sites, now. For example: % curl -sD- https://account.services.mozilla.com | grep Strict-Transport-Security Strict-Transport-Security: max-age=315360000 Please re-open if there are still compelling reasons (lots of user complaints, maybe?) to turn on port 80 and add a redirect.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → WONTFIX
Verbal discussion with :mcoates a few weeks ago confirms that we are not going to be opening port 80 as these sites are entirely :443, and have never been advertised anywhere with http://, and so after the first visit to the site by a user hand-typing URLs, they'll be sent to https:// every time thereafter.
Whiteboard: [qa-]
You need to log in before you can comment on or make changes to this bug.