top | item 14349547 (no title) adakbar | 8 years ago Is it good to redirect to https when user hit API with http? I have heard somewhere doing so is bad discuss order hn newest SadWebDeveloper|8 years ago Nop.. it isn't good, secure endpoints for API's shouldn't be exposed in plain, an error should be raised when a developer/app tries to contact via HTTP rather than HTTPs. thatwebdude|8 years ago Is 404 sufficient? load replies (1) max23_|8 years ago Correct me if I am wrong but even with https redirect, POST request will fail though.
SadWebDeveloper|8 years ago Nop.. it isn't good, secure endpoints for API's shouldn't be exposed in plain, an error should be raised when a developer/app tries to contact via HTTP rather than HTTPs. thatwebdude|8 years ago Is 404 sufficient? load replies (1)
max23_|8 years ago Correct me if I am wrong but even with https redirect, POST request will fail though.
SadWebDeveloper|8 years ago
thatwebdude|8 years ago
max23_|8 years ago