Bug#860484: Use secure HTTPS URLs where possible
Paul Menzel
pm.debian at googlemail.com
Mon Apr 17 16:52:08 UTC 2017
Package: kodi
Severity: wishlist
Dear Debian folks,
Could you please use HTTPS URLs, where it’s possible to securely access
a Web site over HTTPS? That’d be great, and would increase the security
a little bit for users clicking on these URLs.
Currently, I am thinking about the URLs in the README [1], and the
reference to the Kodi Web site [2] on the package page [3][4].
One example for the domain `packages.qa.debian.org`.
```
$ curl -I http://packages.qa.debian.org/k/kodi.html
HTTP/1.1 301 Moved Permanently
Date: Mon, 17 Apr 2017 16:49:50 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Referrer-Policy: no-referrer
X-Xss-Protection: 1
Location: https://packages.qa.debian.org/k/kodi.html
Content-Type: text/html; charset=iso-8859-1
```
Thanks,
Paul
[1] https://kodi.tv
[2] https://sources.debian.net/src/kodi/2:17.1%2Bdfsg1-2/debian/README.Debian/
[3] https://packages.debian.org/sid/kodi
[4] https://sources.debian.net/src/kodi/2:17.1%2Bdfsg1-2/debian/control/#L103
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20170417/e4fbdb01/attachment.sig>
More information about the pkg-multimedia-maintainers
mailing list