New rule: prevent mixed content

[Elchi3]

Original issue Elchi3/mdn-doc-tests#143.
Test if sources are HTTPS (e.g. images) to prevent mixed content.

I believe images and things we embed are already https pretty much everywhere, but it looks like we are not actually testing it.

https://twitter.com/DevDocs/status/718123621491847168

[MatonAnthony]

Do we know the list of allowed filetypes on MDN ?

Subsidiary question: Shouldn't we only use ressources inside of MDN to avoid 404 when the ressource provider doesn't provide the ressources anymore ?

[SebastianZ]

I think basically you need to check whether the URLs of resources use HTTPS and not HTTP. This isn't about file types or internal vs. external resources.

I.e. you just need to check the URL string, not do the request yourself (which would slow down the test suite, anyway).

Sebastian

[MatonAnthony]

Do we know the list of allowed filetypes on MDN ?

After a night on it, it is unecessary, I agree.

Subsidiary question: Shouldn't we only use ressources inside of MDN to avoid 404 when the ressource provider doesn't provide the ressources anymore ?

Still stands, if we should be using internal ressources, I won't implement it the same way.

[MatonAnthony]

And should this return an ERROR, a WARNING or an INFO ?

[SebastianZ]

I'm not sure whether there are cases where mixed content should be allowed. If so, it should be WARNING, but I rather tend to ERROR.

Sebastian

[MatonAnthony]

I did a first attempt at a rule, it only checks images, I don't know if they are other sources of mixed content ?.

It triggers an ERROR but this can be changed easily if needed.