http2https4app

dragonxi

What are Pros & Cons to redirect http to https for .app and .dev websites in the server ?

sean

I'm not sure how to discuss this in terms of pros and cons.

Redirects to HTTPS can be enabled via the site config in your Opalstack dashboard. That feature is available if you need it.

Pro, I guess? 🤷‍♂️

dragonxi

sean According to Google https is required for xxxxxx.app and xxxxxxxx.dev websites, where xxxxxxxx is any valid domain.

Most newer browser clients such as Google Chrome Firefox Opera automatically add https i.e. not http when a user keys in xxxxxxxx.app and xxxxxxxx.dev whereas older browsers such as IE add http in which case the IE client makes http connection to server which from security point is risky even if http is redirected to https in server. Not redirecting http to https for xxxxxxxx.app and xxxxxxxx.dev would force clients to use https from the very beginning, the price to be paid might be that they would not come to the website with these older browsers or if they prefer faster unsecure http.
Have to contemplate this, any tips more than welcome!