Closed GoogleCodeExporter closed 9 years ago
Sorry, could you please explain what do you mean.
Original comment by serg472@gmail.com
on 10 Aug 2011 at 4:49
Say our page is located at http://example.com and we got a link to
https://encrypted.google.com.
If we use --remote-https-protocol (--remove-http-protocol just doesn't matter
in this case), we got //encrypted.google.com. But since our page isn't using
HTTPS, the browser would go to http://encrypted.google.com. Of course, Google
automatically redirects to the HTTPS version but that's not always the case and
there may be a security issue. (It works vice versa too.)
Do you know what I mean?
Original comment by hellosex...@gmail.com
on 10 Aug 2011 at 5:10
Hm, ok, I will look into it.
But I think you shouldn't be using --remote-https-protocol if your page is
accessed by http://, that's why I separated http and https removal. If the page
is on http:// you should be removing only http://, if on https:// then https://.
Original comment by serg472@gmail.com
on 10 Aug 2011 at 5:40
I think so too, but if your page is accessible using both HTTP and HTTPS you
can't do anything.
Original comment by hellosex...@gmail.com
on 10 Aug 2011 at 5:55
One solution would be surrounding anything that should be preserved with
<!--{{{--> <!--}}}-->
Original comment by serg472@gmail.com
on 10 Aug 2011 at 6:31
IMHO, that's way too heavy. What do you think about rel=external?
Original comment by hellosex...@gmail.com
on 10 Aug 2011 at 6:45
Sounds reasonable.
Original comment by serg472@gmail.com
on 10 Aug 2011 at 7:00
Implemented in 1.5 release.
Thanks.
Original comment by serg472@gmail.com
on 28 Aug 2011 at 6:42
Original issue reported on code.google.com by
hellosex...@gmail.com
on 10 Aug 2011 at 4:28