Unsecured documentation / other content #2
Comments
|
The reason documentation links reference http://git.munts.com is shrouded in decades of history. Like Google, I have all of my personal source code stored in a single source code repository, named src. Many eons ago (ca. 2007) I migrated src from CVS to Subversion, because I began working for a new client that was then using Subversion. A few years later the client switched to git. I never migrated src to git for two reasons, pure inertia and the fact that Subversion has the feature of partial checkouts. When it came time to publish my code to the internet, the combination of Subversion's partial checkout feature and git-svn made it extremely easy to mirror src/muntsos/ to http://git.munts.com/muntsos.git. That mirror in turn pushes to https://github.com/pmunts/muntsos. Everything under http://munts.com has an HTML skeleton that comes from another Subversion repository named www. When I change anything anywhere in the websites, I run a script called update.sh that, among many other things, pulls from Subversion repository src directory muntsos to muntsos.git and then pushes muntsos.git to https://github.com/pmunts/muntsos. The following fragment of update.sh does all the magic for each of my public git repositories: Now, coming back to the documentation links: The GitHub web code browser does not allow opening a documentation PDF file, only the choice between viewing it rendered and downloading it. Unfortunately, when you view https://github.com/pmunts/muntsos/blob/master/doc/AppNote19-BeaglePlay.pdf, hyperlinks in the PDF file are disabled, but when you open it at http://git.munts.com/muntsos/doc/AppNote19-BeaglePlay.pdf the internal hyperlinks work. After some quick research it may be possible enable opening PDF files stored in GitHub through an .gitattributes file. It looks like that in order to satisfy your reasonable request, I would need to either mirror all of the deliverables currently at http://repo.munts.com/muntsos to GitHub or to begin encrypting all or portions of the munts.com domain. Either way I have to update a lot of hyperlinks in a lot of HTML files and a lot of PDF files. I have previously taken the position of only encrypting what is sensitive (e.g. I have two subdomains of munts.net encrypted using certificates from Let's Encrypt). What is the argument for encrypting non-sensitive file repositories? Man in the middle attacks that corrupt files as you are downloading them? |
|
As long as everything I need to use the tools - documentation and source code - is available somewhere via https that is OK. I can point to the secure links in my own documentation. |
|
I just symlinked repo/muntsos/doc to git/muntsos/doc in my internal web server file tree, which makes the documentation files available at http://repo.munts.com/muntsos/doc. In retrospect, that is where they should have been visible all along. Next I think I'll create a new secure subdomain https://repo.munts.com but leave the unsecure http://repo.munts.com available until I can fix all the hyperlinks into it. A quick search of src/muntsos/ found 81 links to http://git.munts.com and 51 links to http://repo.munts.com. It'll take a while to fix them. A lot of them are in PDF files which will be impossible to fix with a script. Unfortunately, it doesn't look like .gitattributes can make a PDF file openable from GitHub instead of just downloadable. The same issue will arise for the documentation files of my libsimpleio GitHub repository. |
|
OK, https://repo.munts.com is now live. All hyperlinks in text files under https://github.com/pmunts/muntsos have been changed from http://git.munts.com/... or http://repo.munts.com/... to https://repo.munts.com/... It will take awhile to update the hyperlinks in binary files (mostly PDFs). |
|
Thanks!! |
I know I'm being paranoid, but having the documentation on a website that is
http, nothttps, is a deal-breaker for me. Can you move all of your content / media / repositories here to GitHub? Thanks!!The text was updated successfully, but these errors were encountered: