navi homePPSaboutscreenshotsdownloaddevelopmentforum

Opened 3 years ago

Closed 3 years ago

#488 closed defect (fixed) redirects HTTP to HTTPS

Reported by: landauf Owned by:
Priority: critical Milestone: IT: Server Maintenance
Component: IT Version:
Keywords: Cc:
Referenced By: References:


In general it seems to be possible to access (i.e. without HTTPS and without login) but once the Webbrowser has accessed (i.e. with HTTPS and login) all subsequent calls to HTTP are forwarded to HTTPS.

It might be due to the "improved" SSL-Settings (see #475) which include HSTS ( but this is just a wild guess.

Change History (1)

comment:1 Changed 3 years ago by landauf

  • Resolution set to fixed
  • Status changed from new to closed

It was in fact HSTS.

It is now disabled on by adding this line to /etc/apache2/sites-available/svn.orxonox_secure.conf:

Header always set Strict-Transport-Security "max-age=0"
Note: See TracTickets for help on using tickets.