[Owasp-leaders] HTTP to HTTPS redirects
jim.manico at owasp.org
Sun Oct 23 10:07:06 EDT 2011
Troy Hunt and others noticed that you removed the recommendation to
avoid HTTP to HTTPS redirects, a long standing AppSec recommendation.
As a chance to geek-out on leaders, may I/we ask why in a bit more depth?
I'm on the edge about this myself, but I think I understand your reasoning...
More information about the OWASP-Leaders