|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
27 Jun 2014, 09:01 AM | #1 |
Senior Member
Join Date: Apr 2002
Posts: 101
|
Can't connect to any domain other than fastmail.fm
The result in the web browser is obvious, but for additional evidence:
Code:
$ wget -S -c 'https://www.fastmail.fm/' --2014-06-26 23:52:56-- https://www.fastmail.fm/ Resolving www.fastmail.fm... 66.111.4.56, 66.111.4.55 Connecting to www.fastmail.fm|66.111.4.56|:443... connected. HTTP request sent, awaiting response... HTTP/1.1 200 OK Server: nginx Date: Thu, 26 Jun 2014 23:52:57 GMT Content-Type: text/html; charset=utf-8 Content-Length: 17407 Connection: keep-alive Set-Cookie: s_=1%3Bnyi%3Bnyi%3B2b3049a55be534e0d094ced91fca1e37%3B1403826777%3Bdb76b2a1fc635c14336ae279ff42a10419b53267; path=/; domain=www.fastmail.fm; secure; HttpOnly X-Backend: web4 X-UA-Compatible: IE=Edge X-Frontend: frontend2 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://api.pin.net.au 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src data:; img-src *; media-src 'none'; object-src 'none'; frame-src *; report-uri /log/csp Length: 17407 (17K) [text/html] Saving to: ‘index.html’ 100%[=============================================================================================================>] 17,407 --.-K/s in 0s 2014-06-26 23:52:57 (55.5 MB/s) - ‘index.html’ saved [17407/17407] $ wget -S -c 'https://www.fastmail.net/' --2014-06-26 23:53:05-- https://www.fastmail.net/ Resolving www.fastmail.net... 66.111.4.79 Connecting to www.fastmail.net|66.111.4.79|:443... failed: Connection refused. Retrying. --2014-06-26 23:53:07-- (try: 2) https://www.fastmail.net/ Connecting to www.fastmail.net|66.111.4.79|:443... failed: Connection refused. Retrying. --2014-06-26 23:53:09-- (try: 3) https://www.fastmail.net/ Connecting to www.fastmail.net|66.111.4.79|:443... failed: Connection refused. Retrying. [...] |
27 Jun 2014, 09:36 AM | #2 |
Master of the @
Join Date: May 2012
Location: Melbourne, Australia
Posts: 1,007
Representative of:
Fastmail.fm |
This is by design. We don't have certificates for all our alternate domains and so don't want to serve HTTPS for them as it tends to confuse users (big red "nasty site" warnings) and Google, which mis-indexes things. Also, we really want a consistent message that you should only ever enter your password on www.fastmail.fm (and later, when you see the green "FastMail Pty Ltd" badge, but we're not there yet).
The unencrypted http://www.fastmail.net/ will work, redirecting you to https://www.fastmail.fm/ for login. |
27 Jun 2014, 09:44 AM | #3 |
Senior Member
Join Date: Apr 2002
Posts: 101
|
Did that change recently, or am I hallucinating again?
|
27 Jun 2014, 10:14 AM | #4 |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,929
|
The latter.
Four years ago in 2010 the redirection took place during the login process: New http://m., http://old., http://beta. and http://ssl. site prefixes Then two years ago in 2012 the current immediate redirection was put in place: Changes to webmail login Bill |
27 Jun 2014, 10:58 AM | #5 |
Master of the @
Join Date: May 2012
Location: Melbourne, Australia
Posts: 1,007
Representative of:
Fastmail.fm |
This was a later change again. Basically removes the first two of the "(W)" cases (base and m. domains). ssl.domain continues to work and send a warning.
The main motivator for it was that when you searched for "fastmail" on google.co.uk, it would return https://fastmail.co.uk as the first result, which would give a browser warning when clicked. We spent a lot of time with the Google webmaster tools to try and make it not index it, but couldn't make it work. So we opted to stop serving HTTPS on those domains altogether rather than have Google serve up incorrect stuff that might scare off new users. |