3 comments

[ 1.9 ms ] story [ 20.0 ms ] thread
So in the example, is Cloudflare proxying to http://example.com or https://example.github.io?

In the case of the former, wouldn't we be setting a false sense of security since the request is traversing the internet unencrypted from the GitHub servers to the CloudFlare servers?

From what I understand, the benefit would really be to prevent snooping on requests between the end-user and CloudFlare, correct?

Yes, it is a false sense of security, but in this case it is static content being served. This should not be used in eCommerce sites.