Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prepare site for TLS (remove hardcoded protocols) #4

Merged
merged 1 commit into from Feb 23, 2018

Conversation

Projects
None yet
2 participants
@c-w
Copy link
Contributor

commented Feb 21, 2018

A site served over HTTPS can't make requests to resources hosted on HTTP for security reasons. This site currently hard-codes the protocol for a number of non-secure resources, i.e., there are http:// links in the page, which means that the page can't render if served over HTTPS.

Instead of hard-coding the protocol for links, we can simply specify href="// instead of href="http:// or href="https://. This will create links that use the same protocol as what the site is being served via. So if the site is being served over http, the links will be http. If it's being served over https, the links will be https. Given that most sites out there support both https and http anyways, making the links respect the current page protocol is usually a very safe change. As such, this pull request implements the dynamic protocol links.

Also: fix trailing spaces.

@laura-barluzzi laura-barluzzi merged commit 05761b9 into laura-barluzzi:master Feb 23, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.