Replace HTTP links with HTTPS ones: AFS FILESYSTEM
authorAlexander A. Klimov <grandmaster@al2klimov.de>
Wed, 8 Jul 2020 08:14:03 +0000 (10:14 +0200)
committerJonathan Corbet <corbet@lwn.net>
Mon, 13 Jul 2020 17:25:29 +0000 (11:25 -0600)
Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Deterministic algorithm:
For each file:
  If not .svg:
    For each line:
      If doesn't contain `\bxmlns\b`:
        For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
  If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`:
            If both the HTTP and HTTPS versions
            return 200 OK and serve the same content:
              Replace HTTP with HTTPS.

Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
Link: https://lore.kernel.org/r/20200708081403.13323-1-grandmaster@al2klimov.de
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Documentation/filesystems/afs.rst

index cada946..0abb155 100644 (file)
@@ -190,7 +190,7 @@ Security
 Secure operations are initiated by acquiring a key using the klog program.  A
 very primitive klog program is available at:
 
-       http://people.redhat.com/~dhowells/rxrpc/klog.c
+       https://people.redhat.com/~dhowells/rxrpc/klog.c
 
 This should be compiled by::