While HTTPS isn't at the forefront of VRS, there is a minor bug that is being exhibited with such a setup with a reverse proxy via apache (and probably other reverse proxy web services).
The Google fonts called on all main / public facing pages is hard set to http://. It would be appreciated if such url's were set to protocol relative http/https. So rather <a href="http://some.tld/... or <a href="https://some.tld"..., the URL would be formed as such: <a href="//some.tld/...
Right now, with the http call happening, it will break HTTPS support and cause Chrome and Firefox to throw up the "not secure" notice on the URL bar.
Code: Select all
Mixed Content: The page at 'https://some.tld/desktop.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,greek,vietnamese'. This content should also be served over HTTPS.
Why am I using HTTPS you may ask? Chrome and probably other browsers require valid SSL to be able to use the Location services on the browser, which the website supports. Wrapping VRS in a Reverse proxy encapsulated in SSL solves this issue.