BlueJ and Greenfoot contact the server using HTTP
Currently, BlueJ and Greenfoot contact the server for a limited number of reasons:
- Ping stats.{bluej,greenfoot}.org on load
- Load bluej.org/version.info to check the latest version
- Contact greenfoot.org to log in, fetch scenario info and share scenarios
All of this is done via HTTP just because we didn't support HTTPS at the time. These days we should be using HTTPS for these by default. There is also an issue that none of these requests understand redirects (otherwise we could just redirect HTTP to HTTPS server-side); I wonder if that may be possible if we switched to using the Apache web libraries rather than the built-in JDK Connection?