Redirect to HTTPS on

2 posters

Go down

Redirect to HTTPS on Empty Redirect to HTTPS on

Post by miken Sun Mar 25, 2018 7:30 pm

I've just noticed that "" does not redirect to the HTTPS version of the website even though there is one available.
It would be great if you could implement this, it's really simple. One example how to do so:

Also I've noticed that when I use the K-Lite Update Checker and click on "Download installer" button this leads to the non-HTTPS version of "".

But even more importantly: Currently it's not possible to ensure that the downloaded files are valid and have not been tampered with.
Yes, there are hashsums visible on the download-page so you could check the correctness of the downloads (which sadly are not signed and also downloaded over HTTP only) but if you view this page via HTTP you can't know if the page has been intercepted.

Yes, this happens and in some countries actually is enforced via deep packet inspection middleboxes to redirect users of certain website to nation-state spyware if the website they visit and the download-link they use is being served over non-encrypted websites. Examples in this recent report of Citizen Lab are Avast Antivirus, CCleaner, Opera, and 7-Zip: (yes, it's a long read but worth it)

So my suggestions would be:

Thank you for the continuous support of K-Lite over all the years! Smile


Posts : 2
Join date : 2018-03-25

Back to top Go down

Redirect to HTTPS on Empty Re: Redirect to HTTPS on

Post by Admin Mon Mar 26, 2018 5:27 pm

The seconds download mirror now supports https.


Posts : 7461
Join date : 2011-06-17

Back to top Go down

Back to top

Permissions in this forum:
You cannot reply to topics in this forum