Launchpad itself

logged in use: https; logout: use http

Bug #361739 reported by lszyba1 on 2009-04-15

This bug report is a duplicate of: Bug #46591: Serving everything under SSL causes slowdown. Edit Remove

258

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Launchpad itself	New	Undecided	Unassigned

Bug Description

https://lists.launchpad.net/launchpad-users/threads.html#04962

Can launchpad use http for no logged in users.
If ration of 1 project developer to 20 users is used that means only 5% of users of launchpad need http while the rest 95% need http to get to the data as soon as possible.

Above is a thread of discussion saying that https was implemented because it was easiest and immediate. Now that launchpad has grown so much I would like to see the speed of it improve. Waiting 5 seconds to switch to any tab is not acceptable and for me it is considered a critical bug.

I would appreciate if launchpad came up with a plan on how to separate logged in users and for everybody else allow them to browse via http.

I think if launchpad fixes this bug the project as a whole will benefit from it greatly.

What are the problems with implementing http for not logged in users? Can we redirect logged in users to https and leave non-logged in users http?

Thank you,
Lucas

lszyba1 (szybalski) on 2009-04-15

visibility:

private → public

Joshua Blount (jblount) on 2009-04-15

summary:

- loged in use: https; logout: use http
+ logged in use: https; logout: use http

Revision history for this message

lszyba1 (szybalski) wrote on 2009-04-15:

T1 line:

Launchpad vs google (7x time slower)
launchpad vs sourceforge (3x slower)
launchpad vs bitbucket (6x slower) (Can't compare due to size of hosting)

time wget https://launchpad.net/datahub
real 0m2.060s
user 0m0.048s
sys 0m0.012s

time wget https://code.launchpad.net/datahub

real 0m0.870s
user 0m0.032s
sys 0m0.012s

time wget https://bugs.launchpad.net/datahub
real 0m3.335s
user 0m0.032s
sys 0m0.004s

time wget https://blueprints.launchpad.net/datahub
real 0m0.821s
user 0m0.052s
sys 0m0.008s

time wget http://bazaar.launchpad.net/~szybalski/datahub/trunk/files

real 0m4.887s
user 0m0.000s
sys 0m0.008s

time wget http://code.google.com/p/harvestman-crawler/

real 0m0.282s
user 0m0.004s
sys 0m0.004s

time wget http://code.google.com/p/harvestman-crawler/issues/list

real 0m0.467s
user 0m0.000s
sys 0m0.020s

time wget http://sourceforge.net/projects/uicrawler/
real 0m0.705s
user 0m0.004s
sys 0m0.012s

time wget http://sourceforge.net/tracker/?group_id=178471&atid=885363

real 0m0.637s
user 0m0.008s
sys 0m0.004s

time wget http://bitbucket.org/ianb/pip/src/
real 0m0.332s
user 0m0.012s
sys 0m0.004s

Revision history for this message

Michael B. Trausch (mtrausch) wrote on 2009-04-15:

This should be closed as invalid/wontfix.

Yes, HTTPS is slower. However, the _entire_ Internet should be using it, not just Web sites that "need" security for one reason or another. Encrypt-by-default is preferable, and is one of the reasons I continue to use LP.

-1, Do not "fix" this bug.

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicate of bug #46591 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.