OpenRAWeb icon indicating copy to clipboard operation
OpenRAWeb copied to clipboard
verified publisher icon OpenRA

HTTPS for openra.net

Open xan2622 opened this issue 7 years ago • 11 comments

Starting in July, Google Chrome will mark all HTTP sites as “not secure".

https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html https://nakedsecurity.sophos.com/2018/01/17/firefox-locks-down-its-future-with-https-secure-contexts/

It might be interesting to move http://www.openra.net to https as well. See also: https://letsencrypt.org

xan2622 avatar Feb 11 '18 15:02 xan2622

Yes, just opened an issue for the same reason at the wrong place :/

Echolon avatar Mar 14 '18 21:03 Echolon

The main website is hosted on Github Pages, which still doesn't support https for custom domains.

pchote avatar Mar 14 '18 22:03 pchote

Support said they will make a +1 in their internal Feature Request List and alternatively named this link https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/

But I think this is not of your interest.... Guess we need to wait for it :/

Echolon avatar Apr 29 '18 14:04 Echolon

Github have finally announced support for https on custom domains: https://blog.github.com/2018-05-01-github-pages-custom-domains-https/

https://www.openra.net/ already kind of works, and we can look into fixing the remaining issues and setting up the http -> https redirects when time allows.

pchote avatar May 01 '18 23:05 pchote

Ouh yeah, I made it :)

Echolon avatar May 02 '18 09:05 Echolon

https is now enforced for www.openra.net.

pchote avatar May 02 '18 18:05 pchote

Enforcing https broke the ingame asset downloads on windows 10, so I have had to disable that option. Reopening ticket so that someone else doesn't unknowingly enable that option again until the cause can be identified and fixed.

https will still work, it just won't force redirect standard http to use it.

pchote avatar May 03 '18 17:05 pchote

I expect https://github.com/OpenRA/OpenRA/pull/15519 should fix the asset downloads, so we should be able to reenable this after the next release.

pchote avatar Aug 15 '18 19:08 pchote

You're still my beloved mod project :smiley:

Echolon avatar Aug 15 '18 21:08 Echolon

I assume this issue is fixed?

anjew175 avatar May 30 '19 18:05 anjew175

Not forced

On May 30, 2019 8:19:21 PM GMT+02:00, anjew175 [email protected] wrote:

I assume this issue is fixed?

-- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/OpenRA/OpenRAWeb/issues/372#issuecomment-497431065

Echolon avatar May 31 '19 08:05 Echolon