Please ensure this redirect happens for the security and privacy of all users.
I just tried it and it does redirect for me.
also safenetforum.org redirects too. (without http://)
using firefox without the addon to force https
I reproduced this on two browsers in several different ‘modes’. Not sure why it’s redirecting for you, maybe a long-lived HSTS header which I don’t have?
firefox private mode
Not sure what is happening. Are you using a business/uni network? Can you redirect other non-https urls to the https version?
I just tried chrome (all of this on 2 machines) and it works.
When done on firefox I actually see the http version accessed then it moves to https version after 1/4 second or so like other redirects do.
So what the issue is beyond me at the moment.
Both responses are status 200 when I’d expect a 301 from http to https
Also check the
Server header below (why is it different?!)
Any difference with the response headers you’re seeing?
ian@ian-desktop:~ $ curl -I http://safenetforum.org HTTP/1.1 200 OK Server: nginx Date: Thu, 12 Apr 2018 02:54:02 GMT Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Discourse-Route: list/latest Cache-Control: no-store, must-revalidate, no-cache, private X-Request-Id: 71cd1be7-30c4-47bf-be75-0bce048163f4 X-Runtime: 0.156217 Referrer-Policy: no-referrer-when-downgrade Discourse-Proxy-ID: app-router-tiehunter07
ian@ian-desktop:~ $ curl -I https://safenetforum.org HTTP/1.1 200 OK Server: nginx/1.13.11 Date: Thu, 12 Apr 2018 02:54:07 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Discourse-Route: list/latest Cache-Control: no-store, must-revalidate, no-cache, private X-Request-Id: 15f0d1c7-9ee3-4418-bd88-a6b3a22cf7e6 X-Runtime: 0.137216 Referrer-Policy: no-referrer-when-downgrade Discourse-Proxy-ID: app-router-tiehunter07
Standard residential ADSL network.
Yes. eg http://iancoleman.io redirects for me to https
I have tested this on 2 windows systems with Vivaldi and Firefox with https everywhere disabled.
They all redirect just fine.
I’m able to reproduce this issue in Chrome and Firefox when opening http://safenetforum.org in a new incognito/private window.
I just contacted the Discourse team, I’ll let you know when they fix this issue (I’m pretty sure the redirect from HTTP to HTTPS was working fine before). Thank you @mav for letting us know about this
I get the same.
I am going to try adding the firfox ID in the curl to see if nginx reacts differently. (after lunch that is)
Adding “user-agent” and/or referrer makes no difference.
So firefox and chrome must have been testing for https without being asked to.
The Discourse team just re-enabled the redirect from HTTP to HTTPS. They said this was caused by our DNS looking wrong to them since it’s at the root domain. It should be fixed now.
Yes it looks fixed from here, thanks for arranging it.