logged in use: https; logout: use http

Bug #361739 reported by lszyba1 on 2009-04-15
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Launchpad itself
Undecided
Unassigned

Bug Description

https://lists.launchpad.net/launchpad-users/threads.html#04962

Can launchpad use http for no logged in users.
If ration of 1 project developer to 20 users is used that means only 5% of users of launchpad need http while the rest 95% need http to get to the data as soon as possible.

Above is a thread of discussion saying that https was implemented because it was easiest and immediate. Now that launchpad has grown so much I would like to see the speed of it improve. Waiting 5 seconds to switch to any tab is not acceptable and for me it is considered a critical bug.

I would appreciate if launchpad came up with a plan on how to separate logged in users and for everybody else allow them to browse via http.

I think if launchpad fixes this bug the project as a whole will benefit from it greatly.

What are the problems with implementing http for not logged in users? Can we redirect logged in users to https and leave non-logged in users http?

Thank you,
Lucas

lszyba1 (szybalski) on 2009-04-15
visibility: private → public
Joshua Blount (jblount) on 2009-04-15
summary: - loged in use: https; logout: use http
+ logged in use: https; logout: use http
lszyba1 (szybalski) wrote :

T1 line:

Launchpad vs google (7x time slower)
launchpad vs sourceforge (3x slower)
launchpad vs bitbucket (6x slower) (Can't compare due to size of hosting)

 time wget https://launchpad.net/datahub
real 0m2.060s
user 0m0.048s
sys 0m0.012s

time wget https://code.launchpad.net/datahub

real 0m0.870s
user 0m0.032s
sys 0m0.012s

time wget https://bugs.launchpad.net/datahub
real 0m3.335s
user 0m0.032s
sys 0m0.004s

time wget https://blueprints.launchpad.net/datahub
real 0m0.821s
user 0m0.052s
sys 0m0.008s

 time wget http://bazaar.launchpad.net/~szybalski/datahub/trunk/files

real 0m4.887s
user 0m0.000s
sys 0m0.008s

 time wget http://code.google.com/p/harvestman-crawler/

real 0m0.282s
user 0m0.004s
sys 0m0.004s

time wget http://code.google.com/p/harvestman-crawler/issues/list

real 0m0.467s
user 0m0.000s
sys 0m0.020s

time wget http://sourceforge.net/projects/uicrawler/
real 0m0.705s
user 0m0.004s
sys 0m0.012s

time wget http://sourceforge.net/tracker/?group_id=178471&atid=885363

real 0m0.637s
user 0m0.008s
sys 0m0.004s

time wget http://bitbucket.org/ianb/pip/src/
real 0m0.332s
user 0m0.012s
sys 0m0.004s

Michael B. Trausch (mtrausch) wrote :

This should be closed as invalid/wontfix.

Yes, HTTPS is slower. However, the _entire_ Internet should be using it, not just Web sites that "need" security for one reason or another. Encrypt-by-default is preferable, and is one of the reasons I continue to use LP.

-1, Do not "fix" this bug.

To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers