I noticed that the javascript and typescript extensions both make requests to schemastore.org port 80. I realize this isn't the most sensitive piece of data, but as a security-aware user, I would prefer external HTTP requests to actually be HTTPS :)

Doing a little research, I came across SchemaStore/schemastore#12 which involved some discussion about making secure requests for these files.

I've got a commit handy that changes the URLs to use the pattern, which allows Code to make these requests over HTTPS.

• VSCode Version: 1.19.1
• OS Version: All

Steps to Reproduce:

1. Install a network monitor tool (e.g. Little Snitch on MacOS)
2. Launch VS Code
3. After a few moments, the network monitor will report a request to schemastore.org:80

Reproduces without extensions: No