It seems that the HTTP -> HTTPS redirect re-encodes already encoded chars in the URL, typically in the query string. I have experiences this at the study (next.moodle.org) and the business machine (lang.moodle.org).

To reproduce, visit URLs http://moodle.org/?temp=%21 http://next.moodle.org/?temp=%21 or http://lang.moodle.org/?temp=%21

Expected behaviour is that you are redirected to a page like https://moodle.org/?temp=! https://next.moodle.org/?temp=! or https://lang.moodle.org/?temp=!

But this happens with moodle.org only. With the other two, you end on the https page with the ?temp=%2521 at the end (as the percentage sign in the %21 is encoded again to %25).

This was driving me crazy while I was trying to test MDLSITE-2318 - thanks to poltawski for pointing me to the right direction.