Uploaded image for project: 'Mojang Web Services'
  1. Mojang Web Services
  2. WEB-727

Security Issue: Mojang.com doesn't use encrypted connection (HTTPS) by default

    XMLWordPrintable

    Details

      Description

      The issue

      When you literally only enter the URL mojang.com (which is technically http://mojang.com), the encrypted Mojang site (https://mojang.com) won't automatically be used.

      Effects

      This opens up the possibility for hackers and eavesdroppers to manipulate the content of the site and spy on users of the unencrypted http://mojang.com site.

      Tags: redirect, redirection

        Attachments

          Activity

            People

            Assignee:
            mojangweb [Mojang] Web Team
            Reporter:
            swekob Swekob
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: