WTDWTF site cert problem?
-
Is this right? Maybe switching phones caused me to notice this for the first time...
-
Were you viewing a thread where someone had embedded content from Imgur or something?
-
Is this right?
yeah, discourse doesn't proxy non https images to https when in https mode, and as we don't rehost the images (which is the default) of you run across one of those images in a thread chrome flips that warning and it stays flipped until you refresh.
-
Yellow on the topic list:
Green on the topic:
-
That's weird; the post in question doesn't contain any external content
-
Quite.
It's now yellow even after a refresh, despite there being nothing obviously hosted elsewhere in the topic.
-
Actually....
Mixed Content: The page at 'https://what.thedailywtf.com/t/wtdwtf-site-cert-problem/50961' was loaded over HTTPS, but requested an insecure image 'http://what.thedailywtf.com/user_avatar/what.thedailywtf.com/accalia/45/14105.png'. This content should also be served over HTTPS.
EDIT: Nope.
-
-
Removed. I R an idiot.
-
See how the lock by the first section is green? The cert is fine. Read the words, they say "mixed content" (but in a more verbose way).
-
I was viewing the root topic list, like @loopback0 mentioned.
-
The cert is fine
You're right. Still, is there supposed to be mixed content on topic lists?
-
Probably not, but chrome (and other browsers) will only insecurely load images, as they're not typically a massive security risk (while mixed content scripts, etc can break TLS). So it's not too big of a deal, but if an admin gets bored, they could track it down and fix it.
-
Were you viewing a topic before?
I'm wondering if because the full page doesn't reload, it's just yellow because of mixed content in something you looked at previously.
-
@loopback0, I think you have it. I just refreshed the topic list, and the lock turned green.