On Wed, Sep 7, 2016 at 5:31 PM, Daniel Gustafsson <daniel@yesql.se> wrote:
> On 24 May 2016, at 21:35, Magnus Hagander <magnus@hagander.net> wrote: > > As some were briefed about during the pginfra session at pgcon, we have now configured the www.postgresql.org website to be https only. > > Any access with http should result in a redirect to https only. We will be deploying http strict transport security at a later date, once we have had more testing. > > Speaking of testing, we'd appreciate help from others with testing the site out at this point. Please let us know anything that does not work properly for you (especially if related to https, but please report other issues as well, as they might be "silently dependent" on the change through other backend changes bundled up with it)
A little late to the party, but I just noticed that developer.postgresql.org doesn’t work over https while all the other x.postgresql.org sites do (a file residing there was linked in a README). Is that intentional?
It's not intentional and it's not wrong. Basically we haven't gotten to that box yet. It's only the main website that's 100% there, there are still TODO items left on the others.
