[Development] Gerrit HTTP vs HTTPS
Giovanni Bajo
rasky at develer.com
Wed Oct 26 11:12:36 CEST 2011
Hi,
I'm not sure what's the correct "meta-list" now (list for discussion on the qt-project itself), so I'm posting there. I apologize in advance if it is not the correct list.
Gerrit is available on both http:// and https://, but since it's using HTTP basic-auth, passwords are transmitted in clear over the wire. Does the non-secure instance serve any purpose? Otherwise, I guess it's better to disable it, or at least change it to a redirector to the secure instance.
Thanks!
--
Giovanni Bajo :: rasky at develer.com
Develer S.r.l. :: http://www.develer.com
My Blog: http://giovanni.bajo.it
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4819 bytes
Desc: not available
URL: <http://lists.qt-project.org/pipermail/development/attachments/20111026/f567b461/attachment.bin>
More information about the Development
mailing list