Ask HN: Why should I need to support non-secure HTTP?
Why don't browsers default to trying HTTPS if there is a DNS record but no response on port 80? Or better yet, default to just trying HTTPS first. I understand I can add my site to browser based HSTS lists, but this doesn't really help people developing command line applications or API client libraries where a 302 could be followed without the developer even noticing.
Is there a reason to support HTTP at all, other than current user experience in the browser?
0 comments
[ 2.8 ms ] story [ 10.2 ms ] threadNo comments yet.