HTTP/HTTPS inconsistencies

Is Virtual Radar Server not behaving itself? If so then please report it here.
BrettC
Posts: 1
Joined: Tue Mar 14, 2017 12:49 am

HTTP/HTTPS inconsistencies

Postby BrettC » Tue Mar 14, 2017 1:02 am

Hi,

While HTTPS isn't at the forefront of VRS, there is a minor bug that is being exhibited with such a setup with a reverse proxy via apache (and probably other reverse proxy web services).

The Google fonts called on all main / public facing pages is hard set to http://. It would be appreciated if such url's were set to protocol relative http/https. So rather <a href="http://some.tld/... or <a href="https://some.tld"..., the URL would be formed as such: <a href="//some.tld/...

Right now, with the http call happening, it will break HTTPS support and cause Chrome and Firefox to throw up the "not secure" notice on the URL bar.

Code: Select all

Mixed Content: The page at 'https://some.tld/desktop.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,greek,vietnamese'. This content should also be served over HTTPS.



Why am I using HTTPS you may ask? Chrome and probably other browsers require valid SSL to be able to use the Location services on the browser, which the website supports. Wrapping VRS in a Reverse proxy encapsulated in SSL solves this issue.

agw
Posts: 1883
Joined: Fri Feb 17, 2012 3:20 am

Re: HTTP/HTTPS inconsistencies

Postby agw » Thu Mar 16, 2017 12:59 am

Fair point, I'll fix it for the next preview.


Return to “Bug Reports”

Who is online

Users browsing this forum: Google [Bot] and 1 guest