Making WordPress.org

#6673 closed defect (bug) (fixed)

Photo CDN doesn't redirect non-https traffic

Reported by: zackkrida's profile zackkrida Owned by: coffee2code's profile coffee2code
Milestone: Priority: normal
Component: Photo Directory Keywords:
Cc:

Description

On the Openverse team we recently observed that the CDN domain used by the photo directory, pd.w.org, does not redirect non-https traffic to https. In fact, it doesn't handle non-https traffic at all.

As an example, visit the raw image on this page:

https://wordpress.org/photos/photo/65063ae69b/

which is:

https://pd.w.org/2022/12/65063ae69ba99b5d6.03253468-rotated.jpg

now try to visit the http version and observe the request fails.

As a best practice, these requests should be handled and redirected to their secure counterparts.

Change History (4)

#1 @dd32
18 months ago

  • Resolution set to reported-upstream
  • Status changed from new to closed

I've filed this on the Systems Requests P2: https://make.wordpress.org/systems/2023/01/12/enable-http-redirect-endpoint-on-pd-w-org/

This CDN is a Google Cloud CDN, and I'm assuming @coffee2code doesn't have access to the backend configuration.

I'm closing this in favour of the p2 post above.

#2 @dd32
18 months ago

  • Resolution reported-upstream deleted
  • Status changed from closed to reopened

#3 @dd32
18 months ago

  • Owner set to coffee2code
  • Status changed from reopened to assigned

#4 @coffee2code
17 months ago

  • Resolution set to fixed
  • Status changed from assigned to closed

Fixed. HTTP traffic now redirects to HTTPS.

Note: See TracTickets for help on using tickets.