24 Mar
2014
24 Mar
'14
11:26 p.m.
Hi,
This does not *exactly* meet POLA, and that part of the change was not announced as such - and as it's quite likely that this breaks someone's syncupdate script (why would a syncupdate client be written to handle http->https redirects if all it wants is a single POST?) this really should have been announced before.
I fully agree. Making https mandatory for updates is a change in the public interface to the DB and it should have been announced. Denis: can you gather some stats on how many POSTs are sent over http, get a redirect, and then don't retry over https? It would give a rough estimate of how many scripts can't handle the redirect. Cheers, Sander