Conversation:
Notices
-
I seem remember being told that changing !GNUsocial from ‘Never SSL’ or ‘Sometimes SSL’ to ‘Always SSL’ was problematic at best. Is that still the case?
-
One reason it was problematic is that urls were stored in the DB. I assume this is still the case.
-
Not quite as troublesome. But there's no documented best practice...
We're going to have to setup good test environments and try it out before I can guarantee anything (it'll never work against legacy StatusNet though).
-
@rugk The issue is regarding federation and that the URI is updated making http no longer match tge remote identity. So not something HSTS will solve .)