On Thursday, February 19, 2015, Andrea Pescetti <pesce...@apache.org> wrote:
> On 19/02/2015 Marcus wrote: > >> OK, next try. Still an error message? >> > > Well... we NOWHERE, and I repeat NOWHERE, advertise the URL > https://www.openoffice.org ; as a courtesy to those people who prefer > HTTPS, we make it available, but if they use broken extensions or paranoid > security settings they cannot blame us too much. two things I agree they cannot blame us, but since we have a https: site it should work. A simple alternative is to add a .httpaccess and route https: to a single dummy page saying unsupported. just my 2ct. rgds jan i > > Then: > > 1) I also get (Firefox) the warning about "This website does not supply > identity information"; I didn't investigate this one. > > 2) We still load components from HTTP. Marcus, the Net panel in Firebug > will show you the URLs to all components. You will see that starting with a > 404 (?) for http://www.openoffice.org/images/formElementDropShadow. > png?2011060812 you have a series of action buttons that are all included > via HTTP. This is because lines 56- of > https://www.openoffice.org/home.css > contain explicit HTTP links. > > You may fix it (but I would need to check the CSS syntax for the url() > parameter) by: > - Using /path/to links as Ariel suggested > - Using // URLs (e.g., "//www.openoffice.org" will point to > https://www.openoffice.org when called in a https page and to > http://www.openoffice.org when called in a http page) ; I'm not a big fan > of this solution, I would prefer the former one. > > All of this would anyway fix an undocumented, unpublished URL that we make > available just to please people (remember, this is a static HTML site with > no interactive server-side functionality or logins). > > Regards, > Andrea. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org > For additional commands, e-mail: dev-h...@openoffice.apache.org > > -- Sent from My iPad, sorry for any misspellings.
