fsteeg
commented
7 years ago Deployed to production: https://lobid.org
Thanks for the report @aquast.
Closed aquast closed 7 years ago
fsteeg
commented
7 years ago Deployed to production: https://lobid.org
Thanks for the report @aquast.
ChristophEwertowski
commented
7 years ago +1 and closing.
Dear colleagues,
Your https-implementation is somehow incomplete which results in a security warning from modern browsers. The Problem is quite easy to solve:
replace "http" with https in all [ALL] linked URLs. In my opinion the security issue is related to the call of http://lobid.org/images/clouds.jpg solely but... it's also a good idea to provide linked services like twitter & co. via https too.
IMHO in your next step your webserver (apache/ningx) should be configured to redirect all http-requests to https which is an upcoming default inthe www