New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HTTPS support #173

Closed
kornelski opened this Issue Apr 11, 2014 · 1 comment

Comments

Projects
None yet
2 participants
@kornelski
Contributor

kornelski commented Apr 11, 2014

In order to work with HTTPS, modules must not hardcode http:// URLs for any embedded content.

Modules using o-assets are working well already, but demos and docs still have some http:// URLs, e.g.

<script src='http://registry.origami.ft.com/embedapi?autoload=resize'></script>

is quite common.

Just in case I suggest adding requirement to the Origami spec that JS, CSS and resources in CSS are always linked to using protocol-relative URLs.

The only downside is that <link rel=stylesheet href=//…> causes double download in IE8, but XP is officially dead, right? :)

@triblondon

This comment has been minimized.

Show comment
Hide comment
@triblondon

triblondon Apr 14, 2014

Contributor

Not really concerned about demos and docs, though for best practice I agree they should really use protocol relative URLs (within wide tolerances, I'm not concerned about performance of older browsers, only compatibility).

I'll clarify in the spec that modules must not embed references to protocol specific URLs.

Contributor

triblondon commented Apr 14, 2014

Not really concerned about demos and docs, though for best practice I agree they should really use protocol relative URLs (within wide tolerances, I'm not concerned about performance of older browsers, only compatibility).

I'll clarify in the spec that modules must not embed references to protocol specific URLs.

@triblondon triblondon self-assigned this Apr 14, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment