<html> <head> <base href="https://bugs.documentfoundation.org/"> </head> <body><table border="1" cellspacing="0" cellpadding="8"> <tr> <th>Bug ID</th> <td><a class="bz_bug_link bz_status_UNCONFIRMED " title="UNCONFIRMED - LibreOffice download page - please change torrent file to be downloaded using https instead of current http link" href="https://bugs.documentfoundation.org/show_bug.cgi?id=111304">111304</a> </td> </tr> <tr> <th>Summary</th> <td>LibreOffice download page - please change torrent file to be downloaded using https instead of current http link </td> </tr> <tr> <th>Product</th> <td>LibreOffice </td> </tr> <tr> <th>Version</th> <td>unspecified </td> </tr> <tr> <th>Hardware</th> <td>All </td> </tr> <tr> <th>OS</th> <td>All </td> </tr> <tr> <th>Status</th> <td>UNCONFIRMED </td> </tr> <tr> <th>Severity</th> <td>normal </td> </tr> <tr> <th>Priority</th> <td>medium </td> </tr> <tr> <th>Component</th> <td>Documentation </td> </tr> <tr> <th>Assignee</th> <td>libreoffice-bugs@lists.freedesktop.org </td> </tr> <tr> <th>Reporter</th> <td>grofaty@hotmail.com </td> </tr> <tr> <th>CC</th> <td>olivier.hallot@documentfoundation.org </td> </tr></table> <p> <div> <pre>Created <span class=""><a href="http://bugs.documentfoundation.org/attachment.cgi?id=135093" name="attach_135093" title="torrent_over_http.png">attachment 135093</a> <a href="http://bugs.documentfoundation.org/attachment.cgi?id=135093&action=edit" title="torrent_over_http.png">[details]</a></span> torrent_over_http.png Hi, today I have tried to download LibreOffice 5.4.0 torrent file to download software. After investigating the problem, why I can't download torrent file from LibreOffice web site, I have found out our enterprise IT administrators have decided to restrict download torrent files from whole internet. Like I see on LibreOffice web site the main problem is: torrent file is by default downloaded using http protocol. From <a href="https://www.libreoffice.org/download/download/">https://www.libreoffice.org/download/download/</a> see the link: <a href="http://download.documentfoundation.org/libreoffice/stable/5.4.0/win/x86/LibreOffice_5.4.0_Win_x86_helppack_en-US.msi.torrent">http://download.documentfoundation.org/libreoffice/stable/5.4.0/win/x86/LibreOffice_5.4.0_Win_x86_helppack_en-US.msi.torrent</a> (notice the http in URL). I have figure it out changing http to https and I can successfully download torrent file and also LibreOffice is successfully downloaded using torrent network traffic. I see web server is redirecting http to https traffic, but this is not really successful if some firewall rules inspects http traffic. May I suggest to change http to https links at least for torrent files (this bug report)? Additional: By the way, I have installed "moarTLS Analyzer" Firefox extension and I can see plenty of links on web page are using http links without real reason (probably links from http only era), because site is supporting https just fine. It is a lot more work to change all of the http addresses to https (on whole web site, not just one particular page), but for consistency/privacy/security reasons I think this is probably a good idea to ad on agenda. Maybe you can also use Upgrade-Insecure-Requests http header web server setting. Details: <a href="https://www.w3.org/TR/upgrade-insecure-requests/#preference">https://www.w3.org/TR/upgrade-insecure-requests/#preference</a> which is http header that instructs to browser to change all of the http to https requests. If this header would be implemented, my browser would see the http torrent URL and would (browser itself) automatically changed it to https address and so not getting into the download torrent problem. See attached image for more details. Regards</pre> </div> </p> <hr> <span>You are receiving this mail because:</span> <ul> <li>You are the assignee for the bug.</li> </ul> </body> </html>