Update all redirects to blog.mozilla.org to https

RESOLVED FIXED

Status

P4
normal
RESOLVED FIXED
6 years ago
3 years ago

People

(Reporter: pmac, Assigned: kohei)

Tracking

(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: r=116716,116718)

Attachments

(2 attachments)

Currently all of the redirects in .htaccess in the mozilla.com repo are to `http://blog.mozilla.org/...`. This results in an additional redirect to https. We should just update these.
Adding trailing slashes would be nice as well.
Priority: -- → P4
(Assignee)

Comment 2

6 years ago
blog.mozilla.org is (still) accessible both with http and https. And my patch in Bug 798611 intends to replace all http(s) hard links.
(Assignee)

Comment 3

6 years ago
Marking WONTFIX for now, per comment 2. Please reopen if appropriate.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → WONTFIX
We should still update the redirects even if we update the hard links. I don't see how blog.m.o being accessible over http is relevant. I agree this isn't a priority, but we should do it at some point.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
(Assignee)

Updated

6 years ago
Blocks: 879544
Created attachment 758801 [details] [diff] [review]
first-patch

This changes all the blog links to https://
Attachment #758801 - Attachment is patch: true
Attachment #758801 - Attachment mime type: text/x-patch → text/plain
(Assignee)

Comment 6

6 years ago
The original request was avoiding "an additional redirect to https". Some sites like AMO, MDN and MozillaWiki are using https only, so it makes sense to hardcode https.

But blog.m.o is accessible via http. I think forcing https doesn't make sense. Using https for blog.m.o has been requested in Bug 866936 bug the discussion is inactive.

Some blogs have comment forms. The submittion should be secure, of course. That's Bug 866994.

My patch in Bug 798611 intends to redirect to https://blog.mozilla.org/ only if users are on https://www.mozilla.org/ in order to deliver a consistent experience on Mozilla properties. If users are on http://www.mozilla.org/, it's acceptable to redirect to http://blog.mozilla.org/ until Bug 866936 is resolved.

That's why I marked this bug WONTFIX.
(Assignee)

Updated

6 years ago
Depends on: 866936
I just don't agree. We should move toward security whenever possible. www.mozilla.org will go to it as soon as we can, as well the blogs should. I'd like to side on making the user as safe as possible and that means giving them https whenever we can. We'll need to do this whenever the blogs do go to https. When I filed this I'm pretty sure it's because I was redirected to https for some blog page. It's possible I was wrong about that, but I think the work is still worth doing.
(Assignee)

Comment 8

6 years ago
You mean Bug 358384 and Bug 796109 will be resolved in the near future? There's no active discussion right now.
Comment on attachment 758801 [details] [diff] [review]
first-patch

Review of attachment 758801 [details] [diff] [review]:
-----------------------------------------------------------------

This looks great. Thanks!
Attachment #758801 - Flags: review+
Whiteboard: r=116716
Whiteboard: r=116716 → r=116716,116718
Depends on: 798611

Updated

5 years ago
No longer depends on: 866936
(Assignee)

Comment 10

3 years ago
Created attachment 8741114 [details] [review]
pull request
Assignee: nobody → kohei.yoshino
Status: REOPENED → ASSIGNED

Comment 11

3 years ago
Commits pushed to master at https://github.com/mozilla/bedrock

https://github.com/mozilla/bedrock/commit/d821e31ac7ed5e5853e55d11abc9acb299e71b5e
Fix Bug 813692 - Update all redirects to blog.mozilla.org to https

https://github.com/mozilla/bedrock/commit/de8db2594901b5dbb0167f167d32561054ec50c9
Merge pull request #4065 from kyoshino/bug-813692-blog-https

Fix Bug 813692 - Update all redirects to blog.mozilla.org to https

Updated

3 years ago
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.