Fossil SCM
Noted the fact that Fossil 2.9+ remembers the HTTPS URI in sync when accessed via an HTTP to HTTPS redirect.
Commit
6b472ae172549d3fa5759ff728ef5f682f7fc492e1f1fda93a60cfe7bf691263
Parent
08c52c35bada388…
1 file changed
+6
+6
| --- www/ssl.wiki | ||
| +++ www/ssl.wiki | ||
| @@ -246,10 +246,16 @@ | ||
| 246 | 246 | repository, be sure to use the <tt>https:</tt> URI scheme in |
| 247 | 247 | <tt>clone</tt> and <tt>sync</tt> commands. If your server is configured |
| 248 | 248 | to serve the repository via both HTTP and HTTPS, it's easy to |
| 249 | 249 | accidentally use unencrypted HTTP if you forget the all-important 's'. |
| 250 | 250 | |
| 251 | +As of Fossil 2.9, using an <tt>http://</tt> URI with <tt>fossil | |
| 252 | +clone</tt> or <tt>sync</tt> on a site that forwards to HTTPS will cause | |
| 253 | +Fossil to remember the secure URL. However, there's a | |
| 254 | +[https://en.wikipedia.org/wiki/Trust_on_first_use | TOFU problem] with | |
| 255 | +this: it's still better to use <tt>https://</tt> from the start. | |
| 256 | + | |
| 251 | 257 | As of Fossil 2.8, there is a setting in the Fossil UI under Admin → |
| 252 | 258 | Access called "Redirect to HTTPS," which is set to "Off" by default. |
| 253 | 259 | Changing this only affects web UI access to the Fossil repository. It |
| 254 | 260 | doesn't affect clones and syncs done via the <tt>http</tt> URI scheme. |
| 255 | 261 | |
| 256 | 262 |
| --- www/ssl.wiki | |
| +++ www/ssl.wiki | |
| @@ -246,10 +246,16 @@ | |
| 246 | repository, be sure to use the <tt>https:</tt> URI scheme in |
| 247 | <tt>clone</tt> and <tt>sync</tt> commands. If your server is configured |
| 248 | to serve the repository via both HTTP and HTTPS, it's easy to |
| 249 | accidentally use unencrypted HTTP if you forget the all-important 's'. |
| 250 | |
| 251 | As of Fossil 2.8, there is a setting in the Fossil UI under Admin → |
| 252 | Access called "Redirect to HTTPS," which is set to "Off" by default. |
| 253 | Changing this only affects web UI access to the Fossil repository. It |
| 254 | doesn't affect clones and syncs done via the <tt>http</tt> URI scheme. |
| 255 | |
| 256 |
| --- www/ssl.wiki | |
| +++ www/ssl.wiki | |
| @@ -246,10 +246,16 @@ | |
| 246 | repository, be sure to use the <tt>https:</tt> URI scheme in |
| 247 | <tt>clone</tt> and <tt>sync</tt> commands. If your server is configured |
| 248 | to serve the repository via both HTTP and HTTPS, it's easy to |
| 249 | accidentally use unencrypted HTTP if you forget the all-important 's'. |
| 250 | |
| 251 | As of Fossil 2.9, using an <tt>http://</tt> URI with <tt>fossil |
| 252 | clone</tt> or <tt>sync</tt> on a site that forwards to HTTPS will cause |
| 253 | Fossil to remember the secure URL. However, there's a |
| 254 | [https://en.wikipedia.org/wiki/Trust_on_first_use | TOFU problem] with |
| 255 | this: it's still better to use <tt>https://</tt> from the start. |
| 256 | |
| 257 | As of Fossil 2.8, there is a setting in the Fossil UI under Admin → |
| 258 | Access called "Redirect to HTTPS," which is set to "Off" by default. |
| 259 | Changing this only affects web UI access to the Fossil repository. It |
| 260 | doesn't affect clones and syncs done via the <tt>http</tt> URI scheme. |
| 261 | |
| 262 |