Offer https URLs by default
joonas-fi opened this issue · comments
Is there any reason all the examples and the test/encoder offer non-secure URLs by default?
Looks like g.gravizo.com is fronted by CloudFlare anyway, so why not switch to secure-by-default and lead a good example?
I fear that most people just use the example URLs/generated URLs and therefore needlessly expose their users to man-in-the-middle attacks. They might not realize that https is supported or they are afraid to use it since it is something not arvertised and therefore not guaranteed to be always supported.
Hi @joonas-fi, thanks for your feedback. The ssl was added later, this is why it isn't in the docs. I will update the documentation.
Awesome, thanks! Https makes the world a tiny bit a better place. :)