Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use HTTPS, link Java 8 docs instead of 6 and fix invalid links. #3714

Merged
merged 3 commits into from
Feb 20, 2021
Merged

Use HTTPS, link Java 8 docs instead of 6 and fix invalid links. #3714

merged 3 commits into from
Feb 20, 2021

Conversation

TheDGOfficial
Copy link
Contributor

@TheDGOfficial TheDGOfficial commented Jan 25, 2021
edited
Loading

Description

Changes:

build.gradle & EffExplosion.java & ExprGlidingState.java & ExprProtocolVersion.java: https
config.sk, lang/readme.txt, SkriptConfig.java: https + java 8 doc

GriefPreventionHook.java: https + njol bukkit skript page --> github SkriptLang page
ChatCode.java: https

DatabaseStorage.java: https + server-mods --> projects to fix 404

Explanation of why hard-code HTTPS when sites already redirect anyway:

HTTPS is an encrypted protocol while HTTP is unencrypted and prone to vulnerabilities.
Many sites support HTTPS thanks to Let's Encrypt & HTTPS Everywhere projects, and they redirect http:// to https://.

But in order to redirect http to https, the first request goes unencrypted if the redirect isn't
done on the client side, so an attacker probably remove redirection or do whatever.

Other than build.gradle, the changes are mostly text and for reference, but making every link
that supports https with https:// instead of http:// is better.

Target Minecraft Versions: any
Requirements: none
Related Issues: #3785

ShaneBeee and others added 2 commits January 3, 2021 16:53
@ShaneBeee
BlockStateBlock - update based on changes to Paper
e39c1ec
Use HTTPS, link Java 8 docs instead of 6 and fix invalid links.
acd0b96 
Changes:

build.gradle & EffExplosion.java & ExprGlidingState.java & ExprProtocolVersion.java: https
config.sk, lang/readme.txt, SkriptConfig.java: https + java 8 doc

GriefPreventionHook.java: https + njol bukkit skript page --> github SkriptLang page
ChatCode.java: https

DatabaseStorage.java: https + server-mods --> projects to fix 404

Explanation of why hard-code HTTPS when sites already redirect anyway:

HTTPS is an encrypted protocol while HTTP is unencrypted and prone to vulnerabilities.
Many sites support HTTPS thanks to Let's Encrypt & HTTPS Everywhere projects, and they redirect http:// to https://.

But in order to redirect http to https, the first request goes unencrypted if the redirect isn't
done on the client side, so an attacker probably remove redirection or do whatever.

Other than build.gradle, the changes are mostly text and for reference, but making every link
that supports https with https:// instead of http:// is better.
WeeskyBDW
WeeskyBDW previously approved these changes Jan 26, 2021
View reviewed changes
Skylyxx
Skylyxx previously approved these changes Jan 26, 2021
View reviewed changes
@TheLimeGlass
Copy link
Contributor

Gradle 7.0 will not compile in the future if we continue to use http. So this change is absolutely needed.

@ShaneBeee ShaneBeee changed the base branch from master to dev-2.5 January 30, 2021 06:31
@ShaneBeee ShaneBeee dismissed stale reviews from Skylyxx and WeeskyBDW January 30, 2021 06:31

The base branch was changed.

ShaneBeee
ShaneBeee approved these changes Jan 30, 2021
View reviewed changes
Copy link
Contributor

@ShaneBeee ShaneBeee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me 👍

@ShaneBeee ShaneBeee added 2.5 enhancement Feature request, an issue about something that could be improved, or a PR improving something. labels Jan 30, 2021
@FranKusmiruk FranKusmiruk merged commit 28b6166 into SkriptLang:dev-2.5 Feb 20, 2021
@TheDGOfficial TheDGOfficial mentioned this pull request Mar 2, 2021
Closed
@quick007
Copy link

quick007 commented Mar 5, 2021

maybe add Closes #3785

@TheDGOfficial
Copy link
Contributor Author

maybe add Closes #3785

That issue is created after this PR is created & merged; and adding closes to the commit message after the merge is not possible, and that would not suit to the Skript's way of handling issues, too, since it would close the issue after merge otherwise automatically. In this repository issues are marked as completed and closed after a release implementing/fixing them is available (as far as I know)

I added it to the Related Issues though for reference, a repository admin can also add to the Linked Issues thing, following below tutorial:
https://docs.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#manually-linking-a-pull-request-to-an-issue

However that may close the issue as It clearly says "Successfully merging this pull request may close these issues.", don't know if it will still close after adding it when pull request is already merged, though.

@TheDGOfficial TheDGOfficial deleted the link-stuff branch April 12, 2021 00:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ShaneBeee ShaneBeee ShaneBeee approved these changes

@WeeskyBDW WeeskyBDW WeeskyBDW left review comments

@Skylyxx Skylyxx Skylyxx left review comments

Assignees
No one assigned
Labels
enhancement Feature request, an issue about something that could be improved, or a PR improving something.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@TheDGOfficial @TheLimeGlass @quick007 @ShaneBeee @WeeskyBDW @Skylyxx @FranKusmiruk