logged in use: https; logout: use http

Bug #361739 reported by lszyba1
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Launchpad itself
New
Undecided
Unassigned

Bug Description

https://lists.launchpad.net/launchpad-users/threads.html#04962

Can launchpad use http for no logged in users.
If ration of 1 project developer to 20 users is used that means only 5% of users of launchpad need http while the rest 95% need http to get to the data as soon as possible.

Above is a thread of discussion saying that https was implemented because it was easiest and immediate. Now that launchpad has grown so much I would like to see the speed of it improve. Waiting 5 seconds to switch to any tab is not acceptable and for me it is considered a critical bug.

I would appreciate if launchpad came up with a plan on how to separate logged in users and for everybody else allow them to browse via http.

I think if launchpad fixes this bug the project as a whole will benefit from it greatly.

What are the problems with implementing http for not logged in users? Can we redirect logged in users to https and leave non-logged in users http?

Thank you,
Lucas

lszyba1 (szybalski)
visibility: private → public
Joshua Blount (jblount)
summary: - loged in use: https; logout: use http
+ logged in use: https; logout: use http
Revision history for this message
lszyba1 (szybalski) wrote :

T1 line:

Launchpad vs google (7x time slower)
launchpad vs sourceforge (3x slower)
launchpad vs bitbucket (6x slower) (Can't compare due to size of hosting)

 time wget https://launchpad.net/datahub
real 0m2.060s
user 0m0.048s
sys 0m0.012s

time wget https://code.launchpad.net/datahub

real 0m0.870s
user 0m0.032s
sys 0m0.012s

time wget https://bugs.launchpad.net/datahub
real 0m3.335s
user 0m0.032s
sys 0m0.004s

time wget https://blueprints.launchpad.net/datahub
real 0m0.821s
user 0m0.052s
sys 0m0.008s

 time wget http://bazaar.launchpad.net/~szybalski/datahub/trunk/files

real 0m4.887s
user 0m0.000s
sys 0m0.008s

 time wget http://code.google.com/p/harvestman-crawler/

real 0m0.282s
user 0m0.004s
sys 0m0.004s

time wget http://code.google.com/p/harvestman-crawler/issues/list

real 0m0.467s
user 0m0.000s
sys 0m0.020s

time wget http://sourceforge.net/projects/uicrawler/
real 0m0.705s
user 0m0.004s
sys 0m0.012s

time wget http://sourceforge.net/tracker/?group_id=178471&atid=885363

real 0m0.637s
user 0m0.008s
sys 0m0.004s

time wget http://bitbucket.org/ianb/pip/src/
real 0m0.332s
user 0m0.012s
sys 0m0.004s

Revision history for this message
Michael B. Trausch (mtrausch) wrote :

This should be closed as invalid/wontfix.

Yes, HTTPS is slower. However, the _entire_ Internet should be using it, not just Web sites that "need" security for one reason or another. Encrypt-by-default is preferable, and is one of the reasons I continue to use LP.

-1, Do not "fix" this bug.

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.