On 8/3/09 10:56 AM, Neil Harris wrote:
I've noticed that images such as the sitelogo in the login page linked above are still served via HTTP, even when going through the secure server. This causes Firefox to regard the whole page as potentially compromised by unencrypted content, and it issues a warning message to that effect.
Although the user can click through that warning, it would be much better to have images served via HTTPS on pages from the secure server, rather than habituating users into clicking through warning messages.
Yep, that's on my todo list for the ops boys this month. :)
Some BZ entries for your reference: https://bugzilla.wikimedia.org/show_bug.cgi?id=16822 https://bugzilla.wikimedia.org/show_bug.cgi?id=18496
also for interwiki links: https://bugzilla.wikimedia.org/show_bug.cgi?id=5440
and a note on some of the JS gadgets: https://bugzilla.wikimedia.org/show_bug.cgi?id=17966
Once we have a cleaner interface for hitting the general pages (without the 'secure.wikimedia.org' crappy single host) I'd also like us to get the login pages running always through SSL: https://bugzilla.wikimedia.org/show_bug.cgi?id=225 -- brion