Id: Offer to fix missing http:// in website tag

A website tag without http:// is highlighted as an issue

Would there be a way to make it check if the website has https first and then go with that instead of http if it does? If so, I think it would be a good idea to pick https when it's available.

I considered this when implementing the validation, but didn't follow it up for two reasons:

1. https is preferred when available, my understanding is that you'd need to send a request to every site to check that which seems like a bad idea (especially for a field that can have arbitrary values)
2. the value might not even be a website, in which case prepending the protocol only hides an issue that would hopefully be noticed when the user looks at the value

These don't necessarily mean a quick-fix can't be added, it would be convenient for users who're paying attention. I'm just not sure we can guarantee it's always a valid fix - in which case it seems unsuitable for a quick fix.

the value might not even be a website, in which case prepending the protocol only hides an issue that would hopefully be noticed when the user looks at the value

Well, if the website field is down at the bottom and you need to scroll down to see it, users might not even notice it.

Also, saying "invalid website" doesn't exactly explain the problem to users who might not realise http is needed - www.example.com looks like a valid website, so that needs some explaining.

I'm just not sure we can guarantee it's always a valid fix - in which case it seems unsuitable for a quick fix.

Not sure you can guarantee any fix in iD at the moment will always be a valid fix...?

A fix would be nice here, but it's true iD can't be sure whether a site is http or https. Sometimes they redirect to each other but sometimes they don't. There's possibly a safe way to query SSL status, but we can't just go loading any arbitrary site on the user's behalf.

I'm inclined to just remove this type of website validation check altogether. The data improvements seem relatively minor compared to the cost of prompting the user.

I can't see a safe way to query the site. Privacy forbids giving an arbitrary site the users personal information like they would get in an HTTP request

osmose checks for this error, gives the choice of both, and displays both so you can easily click and check the website: http://osmose.openstreetmap.fr/en/map/?#zoom=13&lat=55.93953&lon=-3.1811&item=3093&level=1%2C2%2C3&tags=&fixable=online

However before you remove the check I have some suggestions:

• Tell the user why it is invalid - "missing http:// or https://" or similar

  • Move the invalid field up to the top under the issues heading, see below. Maybe could do the same with other error fields?

If it must be removed, then iD should highlight the form field with a red border when it is missing http - this happens already in Firefox but not Chrome.

I removed the warning. Perhaps eventually we can flag formatting at the field level instead of the feature level, as some browsers already do.