[Haskell-cafe] Redirecting hackage.haskell.org to HTTPS

Tikhon Jelvis tikhon at jelv.is
Sun Nov 15 05:42:28 UTC 2020


 Pages on hackage.haskell.org are currently served over both HTTP and
HTTPS. Package security on Hackage does not depend on HTTPS, so we keep
HTTP endpoints for backwards compatibility with automated systems that
depend on Hackage and do not support HTTPS.

However, this means that it's possible for users to inadvertently browse
Hackage pages on HTTP which is not a great user experience. To address this
issue without breaking existing scripts, we are planning to redirect
requests to HTTPS based on User-Agent headers: requests with "Mozilla/5.0"
in their User-Agent string will be redirected to HTTPS and other requests
will remain unchanged.

Please contact us at committee at haskell.org if this change will cause
problems with how you use Hackage. Otherwise, the new behavior will go into
effect on 2020-11-23.

Thanks!
-Tikhon Jelvis, on behalf of the Haskell.org Committee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/haskell-cafe/attachments/20201114/b571be57/attachment.html>


More information about the Haskell-Cafe mailing list