Opened 20 months ago
Closed 20 months ago
#6673 closed defect (bug) (fixed)
Photo CDN doesn't redirect non-https traffic
Reported by: | zackkrida | Owned by: | coffee2code |
---|---|---|---|
Milestone: | Priority: | normal | |
Component: | Photo Directory | Keywords: | |
Cc: |
Description
On the Openverse team we recently observed that the CDN domain used by the photo directory, pd.w.org, does not redirect non-https traffic to https. In fact, it doesn't handle non-https traffic at all.
As an example, visit the raw image on this page:
https://wordpress.org/photos/photo/65063ae69b/
which is:
https://pd.w.org/2022/12/65063ae69ba99b5d6.03253468-rotated.jpg
now try to visit the http version and observe the request fails.
As a best practice, these requests should be handled and redirected to their secure counterparts.
Change History (4)
Note: See
TracTickets for help on using
tickets.
I've filed this on the Systems Requests P2: https://make.wordpress.org/systems/2023/01/12/enable-http-redirect-endpoint-on-pd-w-org/
This CDN is a Google Cloud CDN, and I'm assuming @coffee2code doesn't have access to the backend configuration.
I'm closing this in favour of the p2 post above.