Bug #9389
Use https links to avoid mixed content warnings from browsers
Status: | Verified | Start date: | 02/01/2016 | |
---|---|---|---|---|
Priority: | Medium | Due date: | ||
Assignee: | Mike Gale | % Done: | 0% | |
Category: | Security | |||
Target version: | Release 2.2.1 | |||
Google Code Legacy ID: | Tested version: | 2.2, 2.3 | ||
Sponsored: | No | Requires documentation: |
History
#2 Updated by Jesús García Crespo over 6 years ago
- Status changed from New to QA/Review
- Assignee changed from Jesús García Crespo to Dan Gillean
This is in qa/2.3.x. If we can verify this we should probably backport to stable/2.2.x right?
#3 Updated by David Hume over 6 years ago
Have deployed Jesus' code changes. We recently discovered when that, when logged in on a site with SSL security setting activated, virtually any page went to (including administrative ones like "Settings") the green padlock indicating the site was fully secure had the extra symbol (roughly "/!\" in Firefox e.g.) that indicated "mixed content" (not fully secure). Probably due to references hidden on the page to non-secure URLs like
Qubit.updateCheck.url = 'http://www.accesstomemory.org/check/v2/'; etc.
which have now been pointed to https since those reference sites support that.
If fixed, should not see any indication of "mixed content", just a clean padlock on each page.
Need any clarifications Dan, just let me know.
- David H.
#4 Updated by Dan Gillean over 6 years ago
- Status changed from QA/Review to Verified
Spent a bunch of time checking it out, all came back looking good!
#5 Updated by Dan Gillean over 6 years ago
- Status changed from Verified to In progress
- Assignee changed from Dan Gillean to Jesús García Crespo
Assigning back to JGC for back-porting to stable/2.2.x
#6 Updated by Mike Gale over 6 years ago
- Status changed from In progress to Verified
- Assignee changed from Jesús García Crespo to Mike Gale
I've back ported this to 2.2.x.