Ask HN: Why should I need to support non-secure HTTP?

1 points by 3pt14159 ↗ HN
Why don't browsers default to trying HTTPS if there is a DNS record but no response on port 80? Or better yet, default to just trying HTTPS first. I understand I can add my site to browser based HSTS lists, but this doesn't really help people developing command line applications or API client libraries where a 302 could be followed without the developer even noticing.

Is there a reason to support HTTP at all, other than current user experience in the browser?

0 comments

[ 2.8 ms ] story [ 10.2 ms ] thread

No comments yet.