[atlas]warning pop-up in IE for the various atlas-related pages
Folks, I noticed that I have to ack a warning pop-up (served by IE7 ;-) ) for each page that is realted to the atlas stuff. IE complains about a mix of secured and unsecured components on the page. In principle I'd prefer continuing with httpS, but the warnings are a real nuisance. Anyone else seeing this? Btw, the Labs stuff shows the same behaviour. Wilfried.
On 2010.11.23. 13:58, Wilfried Woeber, UniVie/ACOnet wrote:
Folks, I noticed that I have to ack a warning pop-up (served by IE7 ;-) ) for each page that is realted to the atlas stuff. IE complains about a mix of secured and unsecured components on the page.
In principle I'd prefer continuing with httpS, but the warnings are a real nuisance.
Why are you using a browser that annoys you? :-)
Anyone else seeing this? Btw, the Labs stuff shows the same behaviour.
That's in fact the case (mixed content) if you use https - some stuff comes from external sites (like Google Maps scripts) without https. Other browsers have more user friendly mechanisms though. Robert
Wilfried.
Robert Kisteleki wrote: [...]
Why are you using a browser that annoys you? :-)
That was a nice one :-)
Anyone else seeing this? Btw, the Labs stuff shows the same behaviour.
Iceweasel on Debian Linux does the same, btw, just checked...
That's in fact the case (mixed content) if you use https - some stuff comes from external sites (like Google Maps scripts) without https. Other browsers have more user friendly mechanisms though.
Suggestions? ;-)
Robert
Wilfried.
On 23.11 17:41, Wilfried Woeber, UniVie/ACOnet wrote:
Robert Kisteleki wrote:
[...]
Why are you using a browser that annoys you? :-)
That was a nice one :-)
Anyone else seeing this? Btw, the Labs stuff shows the same behaviour.
Iceweasel on Debian Linux does the same, btw, just checked...
That's in fact the case (mixed content) if you use https - some stuff comes from external sites (like Google Maps scripts) without https. Other browsers have more user friendly mechanisms though.
Suggestions? ;-)
firefox, chrome, safari Daniel
On 23/11/2010 18:41, Wilfried Woeber, UniVie/ACOnet wrote:
Iceweasel on Debian Linux does the same, btw, just checked...
That's in fact the case (mixed content) if you use https - some stuff comes from external sites (like Google Maps scripts) without https. Other browsers have more user friendly mechanisms though. Suggestions? ;-)
IceWeasel is actually de-branded Firefox, so it has the same settings -- under Preferences -> Security -> Warning Messages, the last one in the list controls this. Personally I disable all except the 'low-grade encryption' one, otherwise browsing in general is painful with lots of sites giving warnings. I know this is more of a workaround, however in the case of Atlas the 'clean' solution would involve serving all the content from just one virtual-host for SSL, and that is simply not attainable with the current architecture of the website(s). On a related note, I tested now and the login page does not automatically redirect to https:// if accessed by http://, and I think it should. That's for the security of anyone using the service... Best regards, -- Mihnea-Costin Grigore RIPE NCC Web Developer - http://ripe.net/
On 2010.11.24. 10:43, Mihnea-Costin Grigore wrote:
I know this is more of a workaround, however in the case of Atlas the 'clean' solution would involve serving all the content from just one virtual-host for SSL, and that is simply not attainable with the current architecture of the website(s).
We have external content (Google Maps) for which we cannot depend on https.
On a related note, I tested now and the login page does not automatically redirect to https:// if accessed by http://, and I think it should. That's for the security of anyone using the service...
Good point. Robert
participants (4)
-
Daniel Karrenberg -
Mihnea-Costin Grigore -
Robert Kisteleki -
Wilfried Woeber, UniVie/ACOnet