Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

require httpS connections #91

Closed
krugerk opened this issue Jul 10, 2020 · 1 comment · Fixed by #105
Closed

require httpS connections #91

krugerk opened this issue Jul 10, 2020 · 1 comment · Fixed by #105
Assignees
@krugerk

Comments

@krugerk
Copy link
Contributor

krugerk commented Jul 10, 2020

I see insecure loads (http) are allowed to beeminder.com. Surely the httpS server settings and certificate settings have been updated/upgraded within the past three years and the settings can be tweaked to stay with the times.

SSL Server Test at ssllabs

Given the app now only supports iOS 10 and later, ... I suspect the ATS exceptions for beeminder are not necessary. (Would guess the same for the other non-local ones mentioned - akamaihd.net, facebook.com, and fbcdn.net.)
@adamwolf
Copy link

If the defaults don't work for Beeminder, feel free to @ me and let me know what errors you get, and I could take a look on the server side!

@krugerk krugerk mentioned this issue Jul 29, 2020
Merged
andrewpbrett added a commit that referenced this issue Jul 30, 2020
@andrewpbrett
Merge pull request #105 from krugerk/bugfix/91-ats-tweaks-in-2020
f8b459d 
#91 ATS tweaks
@krugerk krugerk self-assigned this Aug 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@krugerk krugerk

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

#91 ATS tweaks
2 participants
@adamwolf @krugerk