HTTPS starts slowly, especially in low-throughput and high-latency modes , or on low-specialized machines. Unfortunately, this is apparently the standard method of protecting logins used by all major websites.
But the many sites we usually visit are easy to read . If we only occasionally want to record / update, then waiting to log in is unnecessary overhead.
The most unpleasant example for me:
- Github. I often want to visit the github page to read a project overview or view a file. But I have to wait for SSL confirmation, even if I do not want to do anything with my personal account. Github always redirects my browser from HTTP to HTTPS. Why?!
I understand that a secure connection is important for authenticating a user account. But when it affects the user experience by simply viewing publicly accessible pages, we should try to work out an alternative (and encourage large sites to accept it).
Here is a possible workaround (1):
- Allow users to create HTTP connections on our website, so we can quickly submit pages without the need for SSL confirmation.
- . , Ajax HTTPS . ( ? : , , . .)
(2):
- cookie HTTPS cookie HTTP. . ( , HTTPS, , cookie HTTP.)
- ?
(, , - , !)