aquast
commented
6 years ago I assume the checks are not failing due to my changes ;-)
Closed aquast closed 6 years ago
aquast
commented
6 years ago I assume the checks are not failing due to my changes ;-)
fsteeg
commented
6 years ago Thanks for the pull request. The changes are a bit broad though. One issue is that not all pages we link to actually support https (e.g. https://sigel.staatsbibliothek-berlin.de/). Also using https does not change the security warning, and is not even recommended, see [1] [2]. For that reason, we also use http in the data, so changing sample queries to use https makes no sense. I've fixed the issue for the images in e05e9035989fbd23366041fb4a326ba55e54ef48 as you suggested, so thanks again.
[1] https://www.w3.org/DesignIssues/Security-NotTheS.html [2] https://www.w3.org/blog/2016/05/https-and-the-semantic-weblinked-data/
aquast
commented
6 years ago Despite the https-discussion the cloud image seems to be the problematic link that isn't fixed already (see https://lobid.org/resources/ ). Nevertheless from my experience it's useful to replace the protocol type at least for those services providing https. For the services that require personal data https should be granted (e.g. Twitter, Fratzenbuch, ...) Indeed https is not helpful in an circumstances e.g. Linked Ressources or some parts of an API could be hampered by https. In the sense of T.B.L. [1] if http is not part of URI, we should be able to provide both http and https access at one time :-)
this commit should solve issue#349 security warning. It doesn't solve the redirect to https by default thing ;-)