On Fri, 2019-05-17 at 17:33 +0900, Marc Dequènes wrote:
> This rational does not stand anymore as now this URL replies with:
> < HTTP/1.1 302 Found
> < Location: https://popcon.debian.org/cgi-bin/popcon.cgi
>
> I don't know for how long this has been the case but as nobody seemed to
> have noticed I guess switching to HTTPS would be fine.
The popcon client does not get this redirect:
$ GET -dS http://popcon.debian.org/cgi-bin/popcon.cgi
GET http://popcon.debian.org/cgi-bin/popcon.cgi
302 Found
GET https://popcon.debian.org/cgi-bin/popcon.cgi
200 OK
$ GET -H 'User-Agent: popcon-upload' -dS http://popcon.debian.org/cgi-bin/popcon.cgi
GET http://popcon.debian.org/cgi-bin/popcon.cgi
200 OK
pabs@pinel:~$ grep -C1 popcon-upload /etc/apache2/sites-available/popcon.debian.org
RewriteEngine on
RewriteCond "%{HTTP_USER_AGENT}" !popcon-upload
RewriteRule ^(.*) https://popcon.debian.org$1 [R,L]
--
bye,
pabs
https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part