We just use what @nostr.build replies. if it replies with http, it goes in http.
Hey nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z noticed in the past few versions of Amethyst all uploads to nostr:npub1nxy4qpqnld6kmpphjykvx2lqwvxmuxluddwjamm4nc29ds3elyzsm5avr7 result in HTTP links instead of HTTPS - bug?
Discussion
Thanks for confirming that mate 👌
That's why I tagged you both, so this is a nostr:npub1nxy4qpqnld6kmpphjykvx2lqwvxmuxluddwjamm4nc29ds3elyzsm5avr7 bug.
Tbh the Nostr Build TLS setup could do with a lot of improvement and it wouldn't take long.
1. Enable HSTS and enroll in HSTS preloading - that would mitigate security issues from bugs like this but HSTS is disabled for your server/CDN
2. Update TLS config to support up to 1.3, remove support for 1.0 and 1.1
There's other little things too but those two are a big boost alone and would take five minutes if that.
