Opened 7 years ago
Closed 7 years ago
#488 closed defect (fixed)
svn.orxonox.net redirects HTTP to HTTPS
| Reported by: | landauf | Owned by: | |
|---|---|---|---|
| Priority: | critical | Milestone: | IT: Server Maintenance |
| Component: | IT | Version: | |
| Keywords: | Cc: | ||
| Referenced By: | References: |
Description
In general it seems to be possible to access http://svn.orxonox.net/ (i.e. without HTTPS and without login) but once the Webbrowser has accessed https://svn.orxonox.net/ (i.e. with HTTPS and login) all subsequent calls to HTTP are forwarded to HTTPS.
It might be due to the "improved" SSL-Settings (see #475) which include HSTS (https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) but this is just a wild guess.
Change History (1)
comment:1 Changed 7 years ago by landauf
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
It was in fact HSTS.
It is now disabled on svn.orxonox.net by adding this line to /etc/apache2/sites-available/svn.orxonox_secure.conf: