It currently still works to POST to the API via http instead of https. But
we'd really like to stop allowing that, see
. Thus, the API will now return a
warning if https was expected but not used.
If you run a bot, please check your configuration to make sure that you're
using https rather than http. If you're using a distinctive user agent for
your bot (which you all are, right?), you can now check whether your bot
is using http by going to
, entering your agent
(or any useful prefix of it), and looking for "https-expected".
If for some reason your bot cannot support https, you really should upgrade
it to make that happen.
Brad Jorsch (Anomie)
Senior Software Engineer