search

ndarville / pony-forum

A modern alternative to ancient forum CMSes like vBulletin and PHPBB in Python on Django. (Alpha stage.) (NB: dotCloud have since removed their free Sandbox tier.)
http://pony-forum.com
26 stars 7 forks source link

HTTPS is insecure #28

Closed ndarville closed 12 years ago

ndarville commented 12 years ago

I have a feeling e882ae9 introduced this problem.

Make a test branch that reverts the commit and see if it does indeed cause the problem.

Just tested it, and the changed nginx.conf did indeed render the HTTPS connection insecure. Will look into the available documentation and might contact dotCloud. (If only they had speed dial for e-mail ...)

ndarville commented 12 years ago

The problem has resolved itself. Could be something on the back-end that needed to set in.

ndarville commented 12 years ago

User profile, thread (and post) views are insecure. All of them rely on JS.

ndarville commented 12 years ago

Fixed in a02c196b905c170e1763429a6e3957212da125ac.