Hi,
I'm not sure if reports about any errors, apparent errors, or suggestions wrt the micropython website are more appropriately reported as github pull requests or as a post here...but please let me know if there's a preference.
I just wanted to report what I'm assuming are just a couple of minor bugs in the html of the micropython website (since the website implements https) that I only noticed when when using wget to download binaries:
-- the links to download the binaries at https://micropython.org/download start with html instead of https
(thanks to the way browsers by default now cut off the prefix of url's when hovering over them this isn't readily apparent)
-- If a user types micropython.org or http://micropython.org in a browser's url box, the url should auto-resolve to https://micropython.org
?
(Right now http://micropython.org does not redirect to https://micropython.org)
-- would sha256 or sha512 sums be worth using for the binaries and other downloads ? or would the payoff not be so great
(not my field, but I wonder about the effectiveness if the listed sums to be matched to could be manipulated if someone was that determined to mess with the downloads links)
Thanks as always for all the nice work being done!
minor website error/suggestions
Re: minor website error/suggestions
Hi,
Switching especially download links to HTTPS but also doing HTTP to HTTPS redirect as suggested really would be a good idea...
Chrome and Firefox will soon start marking non-TLS HTTP websites and insecure, and distributing software over in HTTP runs a small but real risk that the data will be tampered with in transit.
Regards,
Simon
Switching especially download links to HTTPS but also doing HTTP to HTTPS redirect as suggested really would be a good idea...
Chrome and Firefox will soon start marking non-TLS HTTP websites and insecure, and distributing software over in HTTP runs a small but real risk that the data will be tampered with in transit.
Regards,
Simon