https://GeneralConference.lds.org redirects to http

Discuss ideas and suggestions around the LDS.org website.
mevans
Senior Member
Posts: 1282
Joined: Tue May 22, 2012 12:52 pm
Location: California, USA

https://GeneralConference.lds.org redirects to http

Postby mevans » Tue Oct 08, 2013 9:43 pm

I just realized that if I go to https://GeneralConference.lds.org that it redirects me to http://www.lds.org/general-conference (no https).

I thought it used to maintain SSL if I did this. Does anyone else remember it working in the past or is this just a figment of my imagination? But I also think that before it didn't redirect me to a different URL.

scriptures.lds.org does the same thing.

I think these redirects have been around for a bit. I guess they changed the web site organization. The bummer is that losing the SSL logs me out. I guess I need to teach my fingers some different URLs now.

User avatar
aebrown
Community Administrator
Posts: 14693
Joined: Tue Nov 27, 2007 8:48 pm
Location: Sandy, Utah

Re: https://GeneralConference.lds.org redirects to http

Postby aebrown » Wed Oct 09, 2013 5:42 am

mevans wrote:I just realized that if I go to https://GeneralConference.lds.org that it redirects me to http://www.lds.org/general-conference (no https).

I thought it used to maintain SSL if I did this. Does anyone else remember it working in the past or is this just a figment of my imagination? But I also think that before it didn't redirect me to a different URL.

I'm pretty sure that it has always redirected to a different URL (as has the similar gc.lds.org). My recollection is that it has never maintained SSL. Like scriptures.lds.org, it's been on the list in my head of URLs to avoid when I'm signed in, because it tends to sign me out.

mevans wrote:scriptures.lds.org does the same thing.

I think these redirects have been around for a bit. I guess they changed the web site organization.

Yes, it's interesting that several of these subdomain shortcuts lose SSL when they redirect (generalconference.lds.org, gc.lds.org, scriptures.lds.org) and yet there are several others that maintain SSL (clerk.lds.org, clerksupport.lds.org, dutytogod.lds.org, personalprogress.lds.org, youth.lds.org).

In particular, the youth.lds.org redirection is interesting, since the youth.lds.org site itself doesn't even require a login, as near as I can tell, although it links to dutytogod.lds.org and personalprogress.lds.org. And scriptures.lds.org does have features (related to the study toolbar) for which it's helpful to be signed in, so you'd think that it would be engineered to maintain SSL.

The bottom line, as I see it, is that the LDS.org site engineers know how to preserve SSL with these subdomain shortcuts, but they have neglected to do so for some of them.

mevans wrote:The bummer is that losing the SSL logs me out. I guess I need to teach my fingers some different URLs now.

In some limited testing I've just been doing, it looks like there may have been a change in the behavior when one of these redirects takes you to an HTTP site. I'm not immediately signed out (although it initially appears to be that way). Because I'm now on an HTTP site, the header of course appears to show that I am signed out. But if I prefix the URL in my browser's address bar with HTTPS, or use one of my HTTPS bookmarks for places on LDS.org, I see that I am still signed in.

That's a welcome relief compared with the way it used to work, where the act of visiting any page on LDS.org using HTTP would immediately sign you out.

scgallafent
Church Employee
Church Employee
Posts: 1050
Joined: Mon Feb 09, 2009 4:55 pm
Location: Riverton, Utah

Re: https://GeneralConference.lds.org redirects to http

Postby scgallafent » Wed Oct 09, 2013 8:11 am

aebrown wrote:I'm pretty sure that it has always redirected to a different URL (as has the similar gc.lds.org). My recollection is that it has never maintained SSL. Like scriptures.lds.org, it's been on the list in my head of URLs to avoid when I'm signed in, because it tends to sign me out.

...

In some limited testing I've just been doing, it looks like there may have been a change in the behavior when one of these redirects takes you to an HTTP site. I'm not immediately signed out (although it initially appears to be that way). Because I'm now on an HTTP site, the header of course appears to show that I am signed out. But if I prefix the URL in my browser's address bar with HTTPS, or use one of my HTTPS bookmarks for places on LDS.org, I see that I am still signed in.

Once you're at the target page, you can click "Sign In/Tools" and then "Sign In" and you'll be all set. Unless your session has timed out, you don't need to reauthenticate. Changing the address manually to https:// works, too.


Return to “LDS.org Website”

Who is online

Users browsing this forum: No registered users and 1 guest