Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

http://snapper.io/ lacking HTTPS #707

Open
tacerus opened this issue Apr 18, 2022 · 1 comment
Open

http://snapper.io/ lacking HTTPS #707

tacerus opened this issue Apr 18, 2022 · 1 comment

Comments

@tacerus
Copy link
Member

tacerus commented Apr 18, 2022
edited
Loading

Hi,

it would be great if the page was enabled for HTTPS with a respective redirect and a valid certificate.

https://docs.github.com/en/pages/getting-started-with-github-pages/securing-your-github-pages-site-with-https

Best,
Georg
@aschnell aschnell mentioned this issue Oct 24, 2023
Closed
@numanair numanair mentioned this issue Oct 2, 2024
Open
@WaitingAtTheCrossroads
Copy link

This really needs to be a priority. It can, and does, happen that random http sites are used as initial attack vector to full system compromise.

The http protocol makes MITM trivial; a bad actor then injects some javascript with a zero-day or two and boom - game over. This should be common knowledge in 2024.

Please stop enabling this, it is irresponsible.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tacerus @WaitingAtTheCrossroads