
Remove support for HTTP

Open lognaturel opened this issue 3 years ago • 2 comments

Every time we submit a new build for the Play Store, we get a security warning about allowing HTTP. The new data safety section in Play Store listings makes it clear that in-flight encryption is a big deal (as it should be).

Central tries hard to prevent users from using HTTP (though some seem to succeed).

We still have users setting their server URL to an http:// address. However, Collect does negotiate a redirect to https:// so that doesn't necessarily tell us how much clear text communication is happening. We can give a ~6-month warning for folks to adapt and those who really need HTTP for some reason can build a fork.

  • [ ] Announce the change on the forum

lognaturel, Feb 09 '22 17:02

My one concern here would be people syncing data in the field using a server hosted on a local private network (those little Raspberry Pi field servers that were demonstrated at the convening, for instance). In these cases, I'd imagine you'd want to just have the server listen over HTTP on a fixed local IP. That's maybe a small use case, but I'd worry about forcing people to add the complexity of setting up certificates etc. to something like this - maybe this is already something Central has forced on those folks though (if they're using it).

seadowg, Feb 10 '22 11:02

> people syncing data in the field using a server hosted on a local private network

I agree that's the one case we'd lose that in an ideal world we might still support. But as you say, Central doesn't really let you easily do an HTTP setup. I do think we should document the process for offline HTTPS. The benefits of making sure no one can make cleartext submissions and getting the "all traffic is encrypted" badge in the Play Store make this move worth it to me.

lognaturel, Feb 10 '22 16:02