Redirecting HTTP to HTTPS
Listen now
Description
Josh and Kurt talk about a blog post titled "Your API Shouldn't Redirect HTTP to HTTPS". It's an interesting idea, and probably a good one. There is however a lot of baggage in this space as you'll hear in the discussion. There's no a simple solution, but this is certainly something to discuss.
Show Notes Your API Shouldn't Redirect HTTP to HTTPS Hacker News discussion HSTS Section 5.1
More Episodes
Josh and Kurt talk about three wangles of responsibility. We start with a story about a bike theft ring, bike theft doesn't usually get any attention, but this one is special. Then we ask why it seems like everyone is getting hacked, it's because they have to tell us now. And finally we have a...
Published 06/24/24
Josh and Kurt talk about a new proposal from OpenSSH to add a timeout to penalize clients misbehaving. But this then brings up the typical security conversation of "if it's not perfect we shouldn't do it". Trying new things is a good thing, even if something fails, we learn a lesson that we can...
Published 06/17/24
Published 06/17/24
Links
Twitter
Facebook
Instagram
Patreon
Genres
Artwork or description wrong?
Request an update »
Updates may take a few minutes.
Do you host a podcast?
Track your ranks and reviews from Spotify, Apple Podcasts and more.
See hourly chart positions and more than 30 days of history.
Get Chartable Analytics »
See hourly chart positions and more than 30 days of history.
