Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

What message when security.txt file is NOT available via https? #24

Closed
baknu opened this issue Sep 29, 2022 · 1 comment
Closed

What message when security.txt file is NOT available via https? #24

baknu opened this issue Sep 29, 2022 · 1 comment

Comments

@baknu
Copy link
Collaborator

baknu commented Sep 29, 2022
edited
Loading

What "message" is displayed when the below requirement (and especially the https part) is not met? So what is the message when security.txt is only available via HTTP?

"The file MUST be accessed via HTTP 1.0 or a higher version, and the file access MUST use the "https" scheme (as per Section 2.7.2 of [RFC7230])."
@SanderKools-Ordina SanderKools-Ordina mentioned this issue Jan 4, 2023
Merged
@DigitalTrustCenter
Copy link
Owner

With release 0.8 an additional check is added which checks the insecure URI scheme. If the security.txt is found than an error is added which clarifies that the scheme is not correct and the https scheme should be used.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@baknu @DigitalTrustCenter