Edgar February 2016

Scheme relative URL

There are a lot of questions on SO regarding scheme relative URL, but I don't understand what will happen in these scenarios:

1) I am on HTTPS clicking on href="//example.com/" (example.com doesn't have SSL (it's HTTP), so browser will try to open HTTPS://example.com/ (because it wants to match the current scheme) and if there won't be HTTPS scheme it will open HTTP://example.com/?

2) Vice-versa going from HTTP to HTTPS, when the target //example.com/ is only HTTPS. Will browser open HTTPS if the destination target does not have HTTP?

Answers


deceze February 2016

The browser will try to open the URL using the same scheme it's currently on; if it's currently on HTTPS, it will request the URL with HTTPS and vice versa for HTTP. If the target server does not support that scheme, it will simply fail. In case of a server which only supports HTTPS, that usually means that it enforces HTTPS; if you make an HTTP query to that server it often simply redirects to the HTTPS version of the same page. That's entirely up to the server to do though.

If a server only supports HTTP, that usually means that it doesn't have HTTPS at all. In that case an HTTPS request would simply fail and the browser will display an error message along the lines of "couldn't establish a secure connection/couldn't connect to server".

Post Status

Asked in February 2016
Viewed 3,544 times
Voted 8
Answered 1 times

Search




Leave an answer