发表新帖
发表新帖

How does Google force HTTPS on their .app TLD?

后端 未结
关注
2 1091
终归单人心
终归单人心 2020-12-11 15:50

In I/O 2018 Google announced their new .app TLD and they said that it will be HTTPS only.

I thought that DNS just maps domain names to IP\'s.

How are they fo

2条回答
  • 夕颜
    夕颜 (楼主)
    2020-12-11 16:22

    It's just a policy. A domain name is a domain name, and DNS only cares about how the name is translated to other resources, like for example an IP address. Technically any IP address can be used together with any IP protocol (there are 256 to choose from, one of which is TCP) and when applicable, any port number (there are 65536 to choose from, two of which are HTTP and HTTPS respectively). There is no way to place restrictions on this via DNS, but of course the TLD registrar can attempt to do this via policy rules.

    By trial and error I easily found an .app domain where HTTPS is not enforced:

    curl -v -L http://foo.app/

    This results in a couple of redirects, but none of them redirect to HTTPS, and the final response is a HTTP response from a GoDaddy address.

    0 讨论(0)
 看不清?
提交回复
热议问题