#2702 - Warn on HTTP media

By PDStig
Added 9th Jul 2016, 11:04 PM
0 views

Identifier	#2702
Issue type	Feature request or suggestion
Title	Warn on HTTP media
Status	Closed (no changes needed)
Handling member	Chris Graham
Addon	core
Description	Currently, Composr does not warn anyone when an http URL is used in a form field on a strictly https website. This can cause problems, especially for things such as user avatars, triggering mixed media messages. I think there should be a setting or something which allows for the ability for Composr to warn when someone uses an HTTP URL for an image or file field on a strictly HTTPS website.
Steps to reproduce
Funded?	No

The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".

Rating

Unrated

Comments

By Guest posted 9th Jul 2016, 11:05 PM

If implemented, make sure you consider things that auto-set these URLs, such as the Facebook addon via. avatar syndication.

By Guest posted 19th Oct 2016, 12:36 PM

Actually we handle this via the {$ENSURE_PROTOCOL_SUITABILITY,...} symbol. This symbol introduces automated proxying of non-HTTPS-compatible resources if an automatic switchover is not possible.

By Guest posted 21st Oct 2016, 1:09 PM

Shouldn't that be used by default though for avatars and photos? If it is, it must not be working for me then.

By Guest posted 21st Oct 2016, 1:10 PM

Can you show me a reproduction case?

By Guest posted 21st Oct 2016, 1:18 PM

My bad, looks like it doesn't do it anymore. It translates the URL to a proxy via. Composr's proxy script, on the appropriate protocol. Used to not do that.

By Guest posted 21st Oct 2016, 1:20 PM

Ok, well please open a bug report if you see an issue again :). It could have bugs, as it is new to v10.

#2702 - Warn on HTTP media

Rating

Comments

Statistics