Uploaded image for project: 'Mojang Web Services'
  1. Mojang Web Services
  2. WEB-727

Security Issue: Mojang.com doesn't use encrypted connection (HTTPS) by default

    XMLWordPrintable

Details

    Description

      The issue

      When you literally only enter the URL mojang.com (which is technically http://mojang.com), the encrypted Mojang site (https://mojang.com) won't automatically be used.

      Effects

      This opens up the possibility for hackers and eavesdroppers to manipulate the content of the site and spy on users of the unencrypted http://mojang.com site.

      Tags: redirect, redirection

      Attachments

        Activity

          People

            mojangweb [Mojang] Web Team
            swekob Swekob
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: