jordangov
commented
6 years ago Who needs fonts...
Closed hlieberman-gov closed 6 years ago
jordangov
commented
6 years ago Who needs fonts...
jordangov
commented
6 years ago That said, I don't see that in production...
hlieberman-gov
commented
6 years ago It's in prod.
On Mon, Apr 23, 2018 at 12:04 PM, Jordan Kasper notifications@github.com wrote:
That said, I don't see that in production...
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Code-dot-mil/code.mil/issues/193#issuecomment-383629825, or mute the thread https://github.com/notifications/unsubscribe-auth/Acr6Qrfb5GTKtOay347FUtExobRi2bmvks5trfuSgaJpZM4TgLG2 .
-- Harlan Lieberman-Berg Defense Digital Service
jordangov
commented
6 years ago Discussed with @hlieberman-gov looks to be an issue with hitting the AWS instance directly (which is not https) and then hitting the live site, which goes through cloudfront on https... not sure what to do about this, or if we need to do anything.
arichiv
commented
6 years ago Since there isn’t a reason to visit the S3 buckets manually now that there’s a beta.code.mil, I think this is okay
jordangov
commented
6 years ago 👍
Bug
www.code.mil is loading mixed content that's blocked.
Page(s) Affected
all pages.
Screenshot/Mock
Content Security Policy: Directive ‘frame-src’ has been deprecated. Please use directive ‘child-src’ instead. Blocked loading mixed active content “http://www.code.mil.s3-website-us-east-1.amazonaws.com/assets/uswds/fonts/merriweather-bold-webfont.woff2” [Learn More] www.code.mil Blocked loading mixed active content “http://www.code.mil.s3-website-us-east-1.amazonaws.com/assets/uswds/fonts/sourcesanspro-regular-webfont.woff2” [Learn More] www.code.mil Blocked loading mixed active content “http://www.code.mil.s3-website-us-east-1.amazonaws.com/assets/uswds/fonts/sourcesanspro-bold-webfont.woff2”