gora-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alfonso Nishikawa <alfonso.nishik...@gmail.com>
Subject Re: Gora webpage only accessible with HTTP but not HTTPS
Date Tue, 24 Apr 2018 12:22:33 GMT
Hi,

@Cihad, yes, thank you for the issue.

I found another problem: when  "do not track" feature is enabled in the
browser, the webpage stops working too. The menus don't work.

   - El recurso en “http://w.sharethis.com/button/buttons.js” ha sido
   bloqueado porque la protección contra rastreo está activada.[Saber más]
   - El recurso en “http://s.sharethis.com/loader.js” ha sido bloqueado
   porque la protección contra rastreo está activada.[Saber más]
   - El recurso en “
   http://engineering.linkedin.com/sites/default/files/mongodb-logo.png” ha
   sido bloqueado porque la protección contra rastreo está activada.[Saber más]
   - El recurso en “http://w.sharethis.com/button/buttons.js” ha sido
   bloqueado porque la protección contra rastreo está activada.[Saber más]
   - Ha fallado la carga del <script> con origen "
   http://w.sharethis.com/button/buttons.js".
   - El recurso en “http://s.sharethis.com/loader.js” ha sido bloqueado
   porque la protección contra rastreo está activada.[Saber más]
   - Ha fallado la carga del <script> con origen "
   http://s.sharethis.com/loader.js".
   - ReferenceError: stLight is not defined[Saber más] gora.apache.org:662:1
   - ReferenceError: sharethis is not defined[Saber más] gora.apache.org:665
   :9
   - El recurso en “http://platform.twitter.com/widgets.js” ha sido
   bloqueado porque la protección contra rastreo está activada.[Saber más]
   - Ha fallado la carga del <script> con origen "
   http://platform.twitter.com/widgets.js".
   - El recurso en “
   http://engineering.linkedin.com/sites/default/files/mongodb-logo.png” ha
   sido bloqueado porque la protección contra rastreo está activada.[Saber más]
   - Ha fallado la carga del <script> con origen "
   https://static.doubleclick.net/instream/ad_status.js".

(sorry it is not in english, but I guess the resources names are clear :)
Only happens to me? :P Am I the only one with the "do not track" feature
enabled?

Regards,

Alfonso


2018-04-12 6:47 GMT-01:00 Cihad Guzel <cguzelg@gmail.com>:

> Hi,
>
> When accessing with HTTPS, chrome browser show a warning as "Your
> connection to this site is not fully secure". This is because, gora web
> site have a few http url (not https) in html code.
>
> Chrome console show some error as follow:
>
> "Mixed Content: The page at 'https://gora.apache.org/' was loaded over
> HTTPS, but requested an insecure script '
> http://w.sharethis.com/button/buttons.js'. This request has been blocked;
> the content must be served over HTTPS."
>
> We can open an issue on this subject. Maybe Alfonso's problem is related to
> this issue.
>
> Regards,
> Cihad Güzel
>
>
> 2018-04-12 1:57 GMT+03:00 lewis john mcgibbney <lewismc@apache.org>:
>
> > Hi Alfonso,
> > I have no clue at all...
> >
> > On Wed, Apr 11, 2018 at 3:55 PM, <dev-digest-help@gora.apache.org>
> wrote:
> >
> > >
> > >
> > > From: Alfonso Nishikawa <alfonso.nishikawa@gmail.com>
> > > To: "<dev@gora.apache.org>" <dev@gora.apache.org>
> > > Cc:
> > > Bcc:
> > > Date: Wed, 11 Apr 2018 18:07:19 -0100
> > > Subject: Gora webpage only accessible with HTTP but not HTTPS
> > > Hi!
> > >
> > > It seems gora.apache.org is only accessible with HTTP. When accessing
> > with
> > > HTTPS several files are being filtered (security does not allow to load
> > > HTTP content from a HTTPS request) and things like the menus don't
> work.
> > > Anyone has knowledge about the template? I saw things like "{base}"
> and I
> > > did not change anything to avoid crashing the unknown.
> > >
> > > Thanks!
> > >
> > > ALfonso
> > >
> > >
> >
> >
> > --
> > http://home.apache.org/~lewismc/
> > http://people.apache.org/keys/committer/lewismc
> >
>
>
>
> --
> Cihad Güzel
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message