![Open Source Security Podcast artwork](https://is5-ssl.mzstatic.com/image/thumb/Podcasts113/v4/22/db/90/22db905e-8617-8eb1-d255-57810207fc06/mza_4268399195197921277.jpg/100x100bb.jpg)
Episode 431 - Redirecting HTTP to HTTPS
Open Source Security Podcast
English - June 03, 2024 00:00 - 32 minutes - 30.1 MB - ★★★★★ - 39 ratingsTechnology security cybersecurity open opensource source Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Episode 430 - Frozen kernel security
Next Episode: Episode 432 - Flipper Zero with Alex Kulagin
Josh and Kurt talk about a blog post titled "Your API Shouldn't Redirect HTTP to HTTPS". It's an interesting idea, and probably a good one. There is however a lot of baggage in this space as you'll hear in the discussion. There's no a simple solution, but this is certainly something to discuss.
Show Notes Your API Shouldn't Redirect HTTP to HTTPS Hacker News discussion HSTS Section 5.1