mixed content warnings

[travi]

now that we are serving the site over https, we have some mixed content warnings that we need to deal with. looks like they are coming from the fonts loaded by tikly (tiklet_ticket_show:15, tiklet_ticket_show:1)

Mixed Content: The page at 'https://dsmjs.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Lobster|Open+Sans:300italic,400italic,300,400&subset=latin,latin-ext'. This request has been blocked; the content must be served over HTTPS.

@crolek happen to know if there are any knobs on tikly to handle this?

[travi]

bump @crolek?

[PaulSearcy]

I looked into this the other day and it seems that until Tikly updates their widget we're out of luck. Since were iframing it there is not much we can do to control how the resources are being loaded into the iframe itself.

Also since were iframing it, then its sand boxed.

[crolek]

The primary reason that exists is to know who is coming for a pizza head count. If someone wants to propose a lambda/firebase/some-simple-way of gathering that list; I'd be open for alternatives. Requirements:

• Super Low Cost/free
• low maintenance
• List has to be stored privately @PaulSearcy or @travi up for taking this on?

Please no meetup.com. They send too many notifications.

[travi]

eventbrite is the first thing that comes to my mind if we are considering alternatives: https://www.eventbrite.com/support/articles/en_US/How_To/how-to-sell-eventbrite-tickets-registrations-on-your-website-using-embeddable-widgets?lg=en_US

i know web geeks uses their widget, so we could reach out to them to see if they have any suggestions

[crolek]

I should add one more requirement..... Any solution should provide me some kind of curl command so I can create the event and request the widget with the info I care about. Aka, if we're going to replace, lets script it a little.

[travi]

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests