Imagej.net HTTP blanket redirect to HTTPS

https
Tags: #<Tag:0x00007fd69c3e7db0>

#1

All unencrypted HTTP links on the ImageJ wiki now redirect to HTTPS. E.g., http://imagej.net/ goes to https://imagej.net/. Hopefully this will alleviate the login issues some people have been experiencing.

This is an experiment to see whether there are any adverse issues. Please complain on this thread if it causes you problems.

There are several other domains (e.g., http://fiji.sc/) which I would like to blanket redirect to HTTPS. However, please note that there are some subdomains which, for technical reasons, cannot be made to blanket redirect. In particular, Java has issues communicating with HTTPS URLs using Let’s Encrypt, the certificate authority used by imagej.net sites; see this SO post for technical details. So at least the following subdomains will continue to support [1] unencrypted HTTP for the foreseeable future: update.imagej.net, update.fiji.sc, sites.image.net, wsr.imagej.net, samples.fiji.sc.

[1] Of course, “support” here does not mean prefer. It is certainly the goal to make ImageJ use HTTPS with the updater whenever possible. It’s just that when using HTTPS is infeasible e.g. because the Java version is too old, falling back to HTTP needs to remain possible (along with a warning to the user about security!).


Exception when updating Fiji
#2

@ctrueden there seems to be a problem: Exception when updating Fiji

I actually have the same problem.


#3

Thanks @tibuch. I added http://imagej.net/List_of_update_sites as an exclusion. I hope this fixes the issue.

Edit: There were still issues; I reverted the blanket redirect for the time being. :disappointed: