Update urls to HTTPS

Signed-off-by: J0WI <J0WI@users.noreply.github.com>

admin_manual/configuration_database/linux_database_configuration.rst

@@ -4,8 +4,8 @@ Database configuration
 
 Nextcloud requires a database in which administrative data is stored. The following databases are currently supported:
 
-* `MySQL <http://www.mysql.com/>`_ / `MariaDB <https://mariadb.org/>`_
-* `PostgreSQL <http://www.postgresql.org/>`_
+* `MySQL <https://www.mysql.com/>`_ / `MariaDB <https://mariadb.org/>`_
+* `PostgreSQL <https://www.postgresql.org/>`_
 * `Oracle <http://www.oracle.com/>`_
 
 The MySQL or MariaDB databases are the recommended database engines.

admin_manual/configuration_files/big_file_upload_configuration.rst

@@ -75,9 +75,9 @@ Apache with mod_fcgid
 
 nginx
 ^^^^^
-* `client_max_body_size <http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size>`_
-* `fastcgi_read_timeout <http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_read_timeout>`_
-* `client_body_temp_path <http://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_temp_path>`_
+* `client_max_body_size <https://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size>`_
+* `fastcgi_read_timeout <https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_read_timeout>`_
+* `client_body_temp_path <https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_temp_path>`_
 
 Since nginx 1.7.11 a new config option `fastcgi_request_buffering
 <https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_request_buffering>`_
@@ -95,8 +95,8 @@ If your site is behind a nginx frontend (for example a loadbalancer):
 
 By default, downloads will be limited to 1GB due to ``proxy_buffering`` and ``proxy_max_temp_file_size`` on the frontend.
 
-* If you can access the frontend's configuration, disable `proxy_buffering <http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering>`_ or increase `proxy_max_temp_file_size <http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_max_temp_file_size>`_ from the default 1GB.
-* If you do not have access to the frontend, set the `X-Accel-Buffering <http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering>`_ header to ``add_header X-Accel-Buffering no;`` on your backend server.
+* If you can access the frontend's configuration, disable `proxy_buffering <https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering>`_ or increase `proxy_max_temp_file_size <https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_max_temp_file_size>`_ from the default 1GB.
+* If you do not have access to the frontend, set the `X-Accel-Buffering <https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering>`_ header to ``add_header X-Accel-Buffering no;`` on your backend server.
 
 Configuring PHP
 ---------------

admin_manual/configuration_files/external_storage_configuration_gui.rst

@@ -91,7 +91,7 @@ Using self-signed certificates
 When using self-signed certificates for external storage mounts the certificate
 must be imported into the personal settings of the user. Please refer to 
 `Nextcloud HTTPS External Mount 
-<http://ownclouden.blogspot.de/2014/11/owncloud-https-external-mount.html>`_
+<https://ownclouden.blogspot.de/2014/11/owncloud-https-external-mount.html>`_
 for more information.
 
 Available storage backends

admin_manual/configuration_server/antivirus_configuration.rst

@@ -5,7 +5,7 @@ Antivirus scanner
 You can configure your Nextcloud server to automatically run a virus scan on
 newly-uploaded files with the Antivirus app for Files. The Antivirus app for
 Files integrates the open source anti-virus engine `ClamAV
-<http://www.clamav.net/index.html>`_  with Nextcloud. ClamAV detects all forms
+<https://www.clamav.net/index.html>`_  with Nextcloud. ClamAV detects all forms
 of malware including Trojan horses, viruses, and worms, and it operates on all
 major file types including Windows, Linux, and Mac files, compressed files,
 executables, image files, Flash, PDF, and many others. ClamAV's Freshclam

admin_manual/configuration_server/caching_configuration.rst

@@ -27,7 +27,7 @@ of memcache that best fits your needs. The supported caching backends are:
    A local cache for systems.
 * `Redis <http://redis.io/>`_, PHP module 2.2.6 and up required.
    For local and distributed caching as well as transactional file locking.
-* `Memcached <http://www.memcached.org/>`_
+* `Memcached <https://www.memcached.org/>`_
    For distributed caching.
    
 Memcaches must be explicitly configured in Nextcloud by installing

admin_manual/configuration_server/config_sample_php_parameters.rst

@@ -987,7 +987,7 @@ Defaults to an empty array.
 
 	'logdateformat' => 'F d, Y H:i:s',
 
-This uses PHP.date formatting; see http://php.net/manual/en/function.date.php
+This uses PHP.date formatting; see https://php.net/manual/en/function.date.php
 
 Defaults to ISO 8601 ``2005-08-15T15:52:01+00:00`` - see \DateTime::ATOM
 (https://secure.php.net/manual/en/class.datetime.php#datetime.constants.atom)
@@ -997,7 +997,7 @@ Defaults to ISO 8601 ``2005-08-15T15:52:01+00:00`` - see \DateTime::ATOM
 	'logtimezone' => 'Europe/Berlin',
 
 The timezone for logfiles. You may change this; see
-http://php.net/manual/en/timezones.php
+https://php.net/manual/en/timezones.php
 
 Defaults to ``UTC``
 

admin_manual/installation/nginx.rst

@@ -10,7 +10,7 @@ server. These configurations examples were originally provided by
 -  Adjust **server_name**, **root**, **ssl_certificate** and
    **ssl_certificate_key** to suit your needs.
 -  Make sure your SSL certificates are readable by the server (see `nginx HTTP
-   SSL Module documentation <http://wiki.nginx.org/HttpSslModule>`_).
+   SSL Module documentation <https://wiki.nginx.org/HttpSslModule>`_).
 -  Be careful about line breaks if you copy the examples, as long lines may be
    broken for page formatting.
 -  Some environments might need a ``cgi.fix_pathinfo`` set to ``1`` in their

admin_manual/installation/server_tuning.rst

@@ -35,7 +35,7 @@ Using MariaDB/MySQL instead of SQLite
 
 MySQL or MariaDB are preferred because of the `performance limitations of 
 SQLite with highly concurrent applications 
-<http://www.sqlite.org/whentouse.html>`_, like Nextcloud.
+<https://www.sqlite.org/whentouse.html>`_, like Nextcloud.
 
 See the section :doc:`../configuration_database/linux_database_configuration` for how to
 configure Nextcloud for MySQL or MariaDB. If your installation is already running on
@@ -70,7 +70,7 @@ SSL / encryption app
 SSL (HTTPS) and file encryption/decryption can be offloaded to a processor's 
 AES-NI extension. This can both speed up these operations while lowering 
 processing overhead. This requires a processor with the `AES-NI instruction set 
-<http://wikipedia.org/wiki/AES_instruction_set>`_.
+<https://wikipedia.org/wiki/AES_instruction_set>`_.
 
 Here are some examples how to check if your CPU / environment supports the 
 AES-NI extension:
@@ -81,7 +81,7 @@ AES-NI extension:
 
 * Search eg. on the Intel web if the processor used supports the extension 
   `Intel Processor Feature Filter 
-  <http://ark.intel.com/MySearch.aspx?AESTech=true>`_ You may set a filter by 
+  <https://ark.intel.com/MySearch.aspx?AESTech=true>`_ You may set a filter by 
   ``"AES New Instructions"`` to get a reduced result set.
    
 * For versions of openssl >= 1.0.1, AES-NI does not work via an engine and 
@@ -98,7 +98,7 @@ AES-NI extension:
 Enable HTTP2 for faster loading
 -------------------------------
 
-HTTP2 has `huge speed improvements <https://www.troyhunt.com/i-wanna-go-fast-https-massive-speed-advantage/>`_ over HTTP with multiple request. Most `browsers already support HTTP2 over SSL (HTTPS) <http://caniuse.com/#feat=http2>`_. So refer to your server manual for guides on how to use HTTP2.
+HTTP2 has `huge speed improvements <https://www.troyhunt.com/i-wanna-go-fast-https-massive-speed-advantage/>`_ over HTTP with multiple request. Most `browsers already support HTTP2 over SSL (HTTPS) <https://caniuse.com/#feat=http2>`_. So refer to your server manual for guides on how to use HTTP2.
 
 Tune PHP-FPM
 ------------
@@ -123,7 +123,7 @@ Depending on your current PHP version you should find this file e.g. under ``/et
 Enable PHP OPcache
 ------------------
 
-The `OPcache <http://php.net/manual/en/intro.opcache.php>`_ improves the performance of PHP applications by caching precompiled bytecode. We recommend at least the following settings:
+The `OPcache <https://php.net/manual/en/intro.opcache.php>`_ improves the performance of PHP applications by caching precompiled bytecode. We recommend at least the following settings:
 
 .. code:: ini
 
@@ -134,4 +134,4 @@ The `OPcache <http://php.net/manual/en/intro.opcache.php>`_ improves the perform
   opcache.save_comments=1
   opcache.revalidate_freq=1
 
-For more details check out the `official documentation <http://php.net/manual/en/opcache.configuration.php>`_ or `this blog post about some recommended settings <https://www.scalingphpbook.com/blog/2014/02/14/best-zend-opcache-settings.html>`_.
+For more details check out the `official documentation <https://php.net/manual/en/opcache.configuration.php>`_ or `this blog post about some recommended settings <https://www.scalingphpbook.com/blog/2014/02/14/best-zend-opcache-settings.html>`_.

admin_manual/installation/source_installation.rst

@@ -26,7 +26,7 @@ Prerequisites for manual installation
 
 The Nextcloud .tar archive contains all of the required PHP modules. This
 section lists all required and optional PHP modules.  Consult the `PHP manual
-<http://php.net/manual/en/extensions.php>`_ for more information on modules.
+<https://php.net/manual/en/extensions.php>`_ for more information on modules.
 Your Linux distribution should have packages for all required modules. You can
 check the presence of a module by typing ``php -m | grep -i <module_name>``.
 If you get a result, the module is present.

admin_manual/issues/general_troubleshooting.rst

@@ -35,7 +35,7 @@ configuration report with the :ref:`occ config command
 .. _the Nextcloud Forums: https://help.nextcloud.com
 .. _FAQ page: https://help.nextcloud.com/c/faq
 .. _bugtracker: https://github.com/nextcloud/server/issues
-.. _webchat: http://webchat.freenode.net/?channels=nextcloud
+.. _webchat: https://webchat.freenode.net/?channels=nextcloud
    https://docs.nextcloud.org/server/latest/developer_manual/bugtracker/index.html
 .. TODO ON RELEASE: Update version number above on release
 

build/generateIconsDoc.php

@@ -17,7 +17,7 @@
  *  GNU Affero General Public License for more details.
  *
  *  You should have received a copy of the GNU Affero General Public License
- *  along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *  along with this program. If not, see <https://www.gnu.org/licenses/>.
  *
  */
 

developer_manual/app_development/tutorial.rst

@@ -581,7 +581,7 @@ and **notestutorial/lib/Service/NotFoundException.php**:
     class NotFoundException extends ServiceException {}
 
 
-Remember how we had all those ugly try catches that where checking for **DoesNotExistException** and simply returned a 404 response? Let's also put this into a reusable class. In our case we chose a `trait <http://php.net/manual/en/language.oop5.traits.php>`_ so we can inherit methods without having to add it to our inheritance hierarchy. This will be important later on when you've got controllers that inherit from the **ApiController** class instead.
+Remember how we had all those ugly try catches that where checking for **DoesNotExistException** and simply returned a 404 response? Let's also put this into a reusable class. In our case we chose a `trait <https://php.net/manual/en/language.oop5.traits.php>`_ so we can inherit methods without having to add it to our inheritance hierarchy. This will be important later on when you've got controllers that inherit from the **ApiController** class instead.
 
 The trait is created in **notestutorial/lib/Controller/Errors.php**:
 

developer_manual/app_publishing_maintenance/publishing.rst

@@ -16,7 +16,7 @@ The Nextcloud app store is built into Nextcloud to allow you to get your apps to
 
 Getting an app approved
 -----------------------
-You can find documentation on getting apps in our app store `here. <http://nextcloudappstore.readthedocs.io/en/latest/developer.html#publishing-apps-on-the-app-store>`_
+You can find documentation on getting apps in our app store `here. <https://nextcloudappstore.readthedocs.io/en/latest/developer.html#publishing-apps-on-the-app-store>`_
 
 Using the code checker
 ^^^^^^^^^^^^^^^^^^^^^^

developer_manual/basics/dependency_injection.rst

@@ -10,7 +10,7 @@ This makes the code easier to test and thus easier to maintain.
 
 If you are unfamiliar with this pattern, watch the following video:
 
-* `Google Clean Code Talks <http://www.youtube.com/watch?v=RlfLCWKxHJ0>`_
+* `Google Clean Code Talks <https://www.youtube.com/watch?v=RlfLCWKxHJ0>`_
 
 .. _dependency-injection:
 
@@ -380,12 +380,12 @@ In general all of the app's controllers need to be registered inside the contain
 
 * It does I/O (database, write/read to files)
 * It is a global (e.g. $_POST, etc. This is in the request class by the way)
-* The output does not depend on the input variables (also called `impure function <http://en.wikipedia.org/wiki/Pure_function>`_), e.g. time, random number generator
+* The output does not depend on the input variables (also called `impure function <https://en.wikipedia.org/wiki/Pure_function>`_), e.g. time, random number generator
 * It is a service, basically it would make sense to swap it out for a different object
 
 What not to inject:
 
 * It is pure data and has methods that only act upon it (arrays, data objects)
-* It is a `pure function <http://en.wikipedia.org/wiki/Pure_function>`_
+* It is a `pure function <https://en.wikipedia.org/wiki/Pure_function>`_
 
 .. _`reflection`: https://www.php.net/manual/en/book.reflection.php

developer_manual/basics/testing.rst

@@ -4,7 +4,7 @@ Testing
 
 .. sectionauthor:: Bernhard Posselt <dev@bernhard-posselt.com>
 
-All PHP classes can be tested with `PHPUnit <http://phpunit.de/>`_, JavaScript can be tested by using `Karma <http://karma-runner.github.io>`_.
+All PHP classes can be tested with `PHPUnit <https://phpunit.de/>`_, JavaScript can be tested by using `Karma <http://karma-runner.github.io>`_.
 
 
 

developer_manual/core/unit-testing.rst

@@ -90,7 +90,7 @@ when overwriting ``setUp()``, ``setUpBeforeClass()``, ``tearDown()`` or ``tearDo
 from the TestCase. These methods set up important stuff and clean up the system after the test,
 so the next test can run without side effects, like remaining files and entries in the file cache, etc.
 
-For more resources on PHPUnit visit: http://www.phpunit.de/manual/current/en/writing-tests-for-phpunit.html
+For more resources on PHPUnit visit: https://www.phpunit.de/manual/current/en/writing-tests-for-phpunit.html
 
 Bootstrapping Nextcloud
 ^^^^^^^^^^^^^^^^^^^^^^^
@@ -146,9 +146,9 @@ To run a specific test suite (note that the test file path is relative to the "t
 
 Further reading
 ^^^^^^^^^^^^^^^
-- http://googletesting.blogspot.de/2008/08/by-miko-hevery-so-you-decided-to.html
-- http://www.phpunit.de/manual/current/en/writing-tests-for-phpunit.html
-- http://www.youtube.com/watch?v=4E4672CS58Q&feature=bf_prev&list=PLBDAB2BA83BB6588E
+- https://googletesting.blogspot.de/2008/08/by-miko-hevery-so-you-decided-to.html
+- https://www.phpunit.de/manual/current/en/writing-tests-for-phpunit.html
+- https://www.youtube.com/watch?v=4E4672CS58Q&feature=bf_prev&list=PLBDAB2BA83BB6588E
 - Clean Code: A Handbook of Agile Software Craftsmanship (Robert C. Martin)
 
 JavaScript unit testing for core
@@ -161,7 +161,7 @@ Installing Node JS
 
 To run the JavaScript unit tests you will need to install **Node JS**.
 
-You can get it here: http://nodejs.org/
+You can get it here: https://nodejs.org/
 
 After that you will need to setup the **Karma** test environment.
 The easiest way to do this is to run the automatic test script first, see next section.
@@ -202,6 +202,6 @@ Documentation
 
 Here are some useful links about how to write unit tests with Jasmine and Sinon:
 
-- Karma test runner: http://karma-runner.github.io
-- Jasmine: http://pivotal.github.io/jasmine
+- Karma test runner: https://karma-runner.github.io/
+- Jasmine: https://pivotal.github.io/jasmine
 - Sinon (for mocking and stubbing): http://sinonjs.org/

developer_manual/digging_deeper/debugging.rst

@@ -61,7 +61,7 @@ XDebug will now (when activated) try to connect to localhost on port 9000, and w
 - SublimeTextXdebug - XDebug client for Sublime Text
 - PHPStorm - in-built DBGP debugger
 
-For further reading, see the XDebug documentation: http://xdebug.org/docs/remote
+For further reading, see the XDebug documentation: https://xdebug.org/docs/remote
 
 Once you are familiar with how your debugging client works, you can start debugging with XDebug. To test Nextcloud through the web interface or other HTTP requests, set the ``XDEBUG_SESSION_START`` cookie or POST parameter. Alternatively, there are browser extensions to make this easy:
 

developer_manual/getting_started/codingguidelines.rst

@@ -28,7 +28,7 @@ The most important labels and their meaning:
 * #bug - this issue is a bug
 * #enhancement - this issue is a feature request/idea for improvement of Nextcloud
 * #design - this needs help from the design team or is a design-related issue/pull request
-* #technical debt - this issue or PR is about `technical debt <http://en.wikipedia.org/wiki/Technical_debt>`_
+* #technical debt - this issue or PR is about `technical debt <https://en.wikipedia.org/wiki/Technical_debt>`_
 * #good first issue - these are issues which are relatively easy to solve and ideal for people who want to learn how to code in Nextcloud
 * #needs info - this issue needs further information from the reporter, see :doc:`../bugtracker/triaging`
 * #high #medium #low signify how important the bug is.
@@ -82,7 +82,7 @@ Nextcloud is licensed under the `GNU AGPLv3 <https://www.gnu.org/licenses/agpl>`
    * GNU Affero General Public License for more details.
    *
    * You should have received a copy of the GNU Affero General Public License
-   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   * along with this program.  If not, see <https://www.gnu.org/licenses/>.
    *
    */
 
@@ -113,11 +113,11 @@ at the start of your php code. The final closing::
 
   ?>
 
-should not be used at the end of the file due to the `possible issue of sending white spaces <http://stackoverflow.com/questions/4410704/php-closing-tag>`_.
+should not be used at the end of the file due to the `possible issue of sending white spaces <https://stackoverflow.com/questions/4410704/php-closing-tag>`_.
 
 Comments
 ^^^^^^^^
-All API methods need to be marked with `PHPDoc <http://en.wikipedia.org/wiki/PHPDoc>`_ markup. An example would be:
+All API methods need to be marked with `PHPDoc <https://en.wikipedia.org/wiki/PHPDoc>`_ markup. An example would be:
 
 .. code-block:: php
 
@@ -431,7 +431,7 @@ Control structures
 CSS
 ---
 
-Take a look at the `Writing Tactical CSS & HTML <http://www.youtube.com/watch?v=hou2wJCh3XE&feature=plcp>`_ video on YouTube.
+Take a look at the `Writing Tactical CSS & HTML <https://www.youtube.com/watch?v=hou2wJCh3XE&feature=plcp>`_ video on YouTube.
 
 Don't bind your CSS too much to your HTML structure and try to avoid IDs. Also try to make your CSS reusable by grouping common attributes into classes.
 

developer_manual/getting_started/debugging.rst

@@ -61,7 +61,7 @@ XDebug will now (when activated) try to connect to localhost on port 9000, and w
 - SublimeTextXdebug - XDebug client for Sublime Text
 - PHPStorm - in-built DBGP debugger
 
-For further reading, see the XDebug documentation: http://xdebug.org/docs/remote
+For further reading, see the XDebug documentation: https://xdebug.org/docs/remote
 
 Once you are familiar with how your debugging client works, you can start debugging with XDebug. To test Nextcloud through the web interface or other HTTP requests, set the ``XDEBUG_SESSION_START`` cookie or POST parameter. Alternatively, there are browser extensions to make this easy:
 

developer_manual/prologue/bugtracker/codereviews.rst

@@ -58,4 +58,4 @@ Questions?
 Feel free to drop a line on the `forums`_ or join us on `IRC`_.
 
 .. _forums: https://help.nextcloud.com/
-.. _IRC: http://webchat.freenode.net/?channels=nextcloud-dev
+.. _IRC: https://webchat.freenode.net/?channels=nextcloud-dev

developer_manual/prologue/development_process.rst

@@ -256,7 +256,7 @@ make up the changelog for the release. Furthermore, HuBoard allows us to filter
 the Kanban board by Milestone, making it especially easy to focus on the current
 Release.
 
-.. _kanban board: http://en.wikipedia.org/wiki/Kanban_board
+.. _kanban board: https://en.wikipedia.org/wiki/Kanban_board
 .. _forums: https://help.nextcloud.org
 .. _Gherkin: https://github.com/cucumber/cucumber/wiki/Gherkin
 .. _existing ones: https://github.com/nextcloud/server/tree/master/build/integration/features

developer_manual/prologue/security.rst

@@ -13,7 +13,7 @@ This guideline highlights some of the most common security problems and how to p
 SQL injection
 -------------
 
-`SQL Injection <http://en.wikipedia.org/wiki/SQL_injection>`_ occurs when SQL query strings are concatenated with variables.
+`SQL Injection <https://en.wikipedia.org/wiki/SQL_injection>`_ occurs when SQL query strings are concatenated with variables.
 
 To prevent this, always use prepared queries:
 
@@ -38,7 +38,7 @@ If the App Framework is used, write SQL queries like this in a class that extend
 Cross site scripting
 --------------------
 
-`Cross site scripting <http://en.wikipedia.org/wiki/Cross-site_scripting>`_ happens when user input is passed directly to templates. A potential attacker might be able to inject HTML/JavaScript into the page to steal the users session, log keyboard entries, even perform DDOS attacks on other websites or other malicious actions.
+`Cross site scripting <https://en.wikipedia.org/wiki/Cross-site_scripting>`_ happens when user input is passed directly to templates. A potential attacker might be able to inject HTML/JavaScript into the page to steal the users session, log keyboard entries, even perform DDOS attacks on other websites or other malicious actions.
 
 Despite the fact that Nextcloud uses Content-Security-Policy to prevent the execution of inline JavaScript code developers are still required to prevent XSS. CSP is just another layer of defense that is not implemented in all web browsers.
 
@@ -103,7 +103,7 @@ It may also be wise to choose a proper JavaScript framework like AngularJS which
 Clickjacking
 ------------
 
-`Clickjacking <http://en.wikipedia.org/wiki/Clickjacking>`_ tricks the user to click into an invisible iframe to perform an arbitrary action (e.g. delete an user account)
+`Clickjacking <https://en.wikipedia.org/wiki/Clickjacking>`_ tricks the user to click into an invisible iframe to perform an arbitrary action (e.g. delete an user account)
 
 To prevent such attacks Nextcloud sends the `X-Frame-Options` header to all template responses. Don't remove this header if you don't really need it!
 
@@ -161,7 +161,7 @@ Very often developers forget about sanitizing the file path (removing all \\ and
 Shell injection
 ---------------
 
-`Shell Injection <http://en.wikipedia.org/wiki/Code_injection#Shell_injection>`_ occurs if PHP code executes shell commands (e.g. running a latex compiler). Before doing this, check if there is a PHP library that already provides the needed functionality. If you really need to execute a command be aware that you have to escape every user parameter passed to one of these functions:
+`Shell Injection <https://en.wikipedia.org/wiki/Code_injection#Shell_injection>`_ occurs if PHP code executes shell commands (e.g. running a latex compiler). Before doing this, check if there is a PHP library that already provides the needed functionality. If you really need to execute a command be aware that you have to escape every user parameter passed to one of these functions:
 
 * **exec()**
 * **shell_exec()**
@@ -216,7 +216,7 @@ Always store user data or configuration files in safe locations, e.g. **nextclou
 Cross site request forgery
 --------------------------
 
-Using `CSRF <http://en.wikipedia.org/wiki/Cross-site_request_forgery>`_ one can trick a user into executing a request that they did not want to make. Thus every POST and GET request needs to be protected against it. The only places where no CSRF checks are needed are in the main template, which is rendering the application, or in externally callable interfaces.
+Using `CSRF <https://en.wikipedia.org/wiki/Cross-site_request_forgery>`_ one can trick a user into executing a request that they did not want to make. Thus every POST and GET request needs to be protected against it. The only places where no CSRF checks are needed are in the main template, which is rendering the application, or in externally callable interfaces.
 
 .. note:: Submitting a form is also a POST/GET request!
 

index.html

@@ -23,7 +23,7 @@
 		<!-- Open Graph data -->
 		<meta property="og:title" content="Nextcloud Documentation" />
 		<meta property="og:type" content="article" />
-		<meta property="og:url" content="http://docs.nextcloud.com" />
+		<meta property="og:url" content="https://docs.nextcloud.com/" />
 		<meta property="og:description" content="Nextcloud is an open source, self-hosted file share and communication platform. Access &amp; sync your files, contacts, calendars &amp; communicate and collaborate across your devices. You decide what happens with your data, where it is and who can access it!" />
 		<meta property="og:site_name" content="Nextcloud" />
 		<meta property="fb:admins" content="1032807203462807" />