Tech Forum

I just realized that if I go to https://GeneralConference.lds.org that it redirects me to http://www.lds.org/general-conference (no https).

I thought it used to maintain SSL if I did this. Does anyone else remember it working in the past or is this just a figment of my imagination? But I also think that before it didn't redirect me to a different URL.

scriptures.lds.org does the same thing.

I think these redirects have been around for a bit. I guess they changed the web site organization. The bummer is that losing the SSL logs me out. I guess I need to teach my fingers some different URLs now.

mevans wrote:I just realized that if I go to https://GeneralConference.lds.org that it redirects me to http://www.lds.org/general-conference (no https).

I thought it used to maintain SSL if I did this. Does anyone else remember it working in the past or is this just a figment of my imagination? But I also think that before it didn't redirect me to a different URL.

I'm pretty sure that it has always redirected to a different URL (as has the similar gc.lds.org). My recollection is that it has never maintained SSL. Like scriptures.lds.org, it's been on the list in my head of URLs to avoid when I'm signed in, because it tends to sign me out.

mevans wrote:scriptures.lds.org does the same thing.

I think these redirects have been around for a bit. I guess they changed the web site organization.

Yes, it's interesting that several of these subdomain shortcuts lose SSL when they redirect (generalconference.lds.org, gc.lds.org, scriptures.lds.org) and yet there are several others that maintain SSL (clerk.lds.org, clerksupport.lds.org, dutytogod.lds.org, personalprogress.lds.org, youth.lds.org).

In particular, the youth.lds.org redirection is interesting, since the youth.lds.org site itself doesn't even require a login, as near as I can tell, although it links to dutytogod.lds.org and personalprogress.lds.org. And scriptures.lds.org does have features (related to the study toolbar) for which it's helpful to be signed in, so you'd think that it would be engineered to maintain SSL.

The bottom line, as I see it, is that the LDS.org site engineers know how to preserve SSL with these subdomain shortcuts, but they have neglected to do so for some of them.

mevans wrote:The bummer is that losing the SSL logs me out. I guess I need to teach my fingers some different URLs now.

In some limited testing I've just been doing, it looks like there may have been a change in the behavior when one of these redirects takes you to an HTTP site. I'm not immediately signed out (although it initially appears to be that way). Because I'm now on an HTTP site, the header of course appears to show that I am signed out. But if I prefix the URL in my browser's address bar with HTTPS, or use one of my HTTPS bookmarks for places on LDS.org, I see that I am still signed in.

That's a welcome relief compared with the way it used to work, where the act of visiting any page on LDS.org using HTTP would immediately sign you out.

aebrown wrote:I'm pretty sure that it has always redirected to a different URL (as has the similar gc.lds.org). My recollection is that it has never maintained SSL. Like scriptures.lds.org, it's been on the list in my head of URLs to avoid when I'm signed in, because it tends to sign me out.

...

In some limited testing I've just been doing, it looks like there may have been a change in the behavior when one of these redirects takes you to an HTTP site. I'm not immediately signed out (although it initially appears to be that way). Because I'm now on an HTTP site, the header of course appears to show that I am signed out. But if I prefix the URL in my browser's address bar with HTTPS, or use one of my HTTPS bookmarks for places on LDS.org, I see that I am still signed in.

Once you're at the target page, you can click "Sign In/Tools" and then "Sign In" and you'll be all set. Unless your session has timed out, you don't need to reauthenticate. Changing the address manually to https:// works, too.