On 10/28/2010 03:27 AM, Loui Chang wrote:
On Wed 27 Oct 2010 14:14 +0200, Pierre Schmitz wrote:
On Wed, 27 Oct 2010 11:40:19 +0300, Ionuț Bîru<ib...@archlinux.org>
wrote:
As i said earlier in a reply to Loui, maybe we can do it
better.Having https only for login and then redirecting to http is
like not having it at all.
Simply using https for all connections is the easiest and best solution
imho. Everything in between is either insecure or inconvenient for the
users. And I also don't see the need for it. Every sane http client
should handle a http redirect and https. If it does not it's just a bug
in the client. Of course it is unfortunate that this wasn't tested by
the clyde author before.
I would appreciate if you consult aur-dev before making changes to the
AUR. Can you please describe how you made this change, and how we can
enable normal http?
seriously, why did you changed it back to http over https?
in less than 1 day all aur helpers are working again and i don't see a
reason to use http again. Really, what's the point?
--
Ionuț
