Prefer https:// for URLs throughout project

[jdufresne]

No description provided.

[codecov-io]

Codecov Report

Merging #4805 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #4805   +/-   ##
=======================================
  Coverage   66.77%   66.77%           
=======================================
  Files          15       15           
  Lines        1568     1568           
=======================================
  Hits         1047     1047           
  Misses        521      521

Impacted Files	Coverage Δ
requests/models.py	77.35% <ø> (ø)	⬆️
requests/api.py	36.36% <ø> (ø)	⬆️
requests/sessions.py	76.34% <ø> (ø)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 207e83f...839af77. Read the comment docs.

[kennethreitz]

Did you verify all of these work?

[jdufresne]

Hi Kenneth,

I've done this same change on a number of different repositories now. I automated this change using the script:

https://github.com/jdufresne/commit-messages/blob/master/scripts/checkhttp.py

At a high level, this script does the following:

1. Scans all text files for strings that look like a URL starting with http://
2. Tries fetching the same URL but with https://
3. Check the final destination is a 200 response with protocol https:// (to avoid redirects back to http://)
4. If it looks good, replace all occurrences

After running the script, I analyze the results locally using a visual diff tool (I like meld). I undo the changes for tests that look to be intentionally using an http:// URL (requests has a lot of these). I also try to remove en/latest/ paths from readthedocs that didn't previously exist. I manually test a bunch of URLs especially any that look suspicious with a wildly different path. I re-analyze the results using GitHub's diff tool (I find looking at a diff in multiple ways can help emphasize different differences).

Many of the changed URLs share a domain. So after spot checking a few from these domains, we can be confident with the rest.

So, in summary, a script has confirmed that all these changes result in https:// URLs that 200 and several have been manually tested.

Please feel free to re-run the script to verify or do additional manual testing.

[nateprewitt]

Looks like a couple examples may be broken. I left comments on the two I had a concern about. Once those are addressed and we get this rebased onto master, I think this is set for merge.

[nateprewitt]

Why was this removed?

[nateprewitt]

Same question here.

[jdufresne]

Thanks for catching those mistakes. Restored and fixed in the latest revision.

[nateprewitt]

Cool, I think this looks good. Thanks @jdufresne! ✨