|Account Type:||Free Account|
|Dreamwidth:||Account Name: cat_mucius|
Style: (S2) core: public, i18n: none, i18nc: none, layout: public, theme: public, user: none,
Email confirmed? Yes
cluster: 8; data version : 9
Media storage used: 0.000 MB (0.0%)
|Support category:||General/Unknown [Previous|Next]|
|Time posted:||Mon, 26 Dec 2016 19:11:26 GMT (42 weeks ago)|
|Status:||closed (2 points to jennifer)|
|Summary:||Allow URLs with dreamwidth.org hostname only|
Currently if DreamWidth receives request for some journal in form https://dreamwidth.org/~account or https://dreamwidth.org/users/account, it automatically redirects browser to https://account.dreamwidth.org URL. It looks more pretty, but it allows potential inspectors of traffic between clients and DW to see, which specific journal was reached (by DNS query, as well as by plaintext SNI field in SSL handshake) - and block the request.
But if the URLs were remaining with only dreamwidth.org in the hostname field, then any inspection system would just see that DW was accessed - without knowing any specifics.
Today, many people migrate from LiveJournal to DW because of fear their journals would be blocked by Russian government (which actually happened). It would be nice if DW gave users tools to exclude possibility of such journal-level blocking by government agencies.
What I suggest is: if original request was for account.dreamwidth.org URL, let it stay. But if it was for https://dreamwidth.org/users/account URL or similar - don't redirect the client to "vanity URL", let it stay in this form.
And, of course, redirecting users from HTTP to HTTPS would be great.
Diagnostics: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
|jennifer - Jennifer|
Posted: Tue, 27 Dec 2016 04:24:13 GMT (42 weeks ago)
|cat_mucius - cat_mucius|
Posted: Tue, 27 Dec 2016 08:39:12 GMT (42 weeks ago)
Hi Jennifer, thanks for quick response.
Go to: previous open request, next open request
Return to the list of open requests.
Back to the Support Area.