On Fri, 6 Nov 2020, Emil Engler via curl-library wrote:
Hello, as most websites use HTTPS nowadays I would suggest to let curl use HTTPS if no protocol was specified rather than HTTP and use HTTP as a fallback if HTTPS is not available. However, I am not certainly sure if that can be done easily (as I am not into the TLS protocol).
I think it's a fair suggestion to bring up and discuss, but I personally don't think we should do it.
Why do we have a default scheme to begin with? Because that's how the browsers operatate. You've always been able to enter a host name and the browser then tries HTTP against it. We basically mimiced that. Even today, browsers don't automatically switch to HTTPS:// when given such a host name - because they're not the same and presumably it causes too many problems for users. Do we think curl users are less likely to have a problem with this? I doubt that.
I'm positive that there are *many* users out there who are using curl in scripts and command lines without a scheme, and if we ship a curl version that suddenly changes that behavior we break behavior and cause sadness and upset emotions for a large amount of users. I think we can safely assume that a large portion of these users actually *intend* for those transfes to be HTTP so just switching to HTTPS is not going to work.
One of the strongest selling points and reasons for existance for curl is our conservatism and keeping existing behaviors. Users rely on curl to work the same over time.
As Ray already pointed out: users who really want to change the default for command lines and scripts already have --proto-default at their disposal.
I think what's happening is rather that the world is quickly moving towards HTTPS:// for everything web on the Internet so users are going to have to prepend the proper scheme anyway going forward. I think using full and proper URLs is a better way going forward.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://www.wolfssl.com/contact/ ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
