-
Notifications
You must be signed in to change notification settings - Fork 5
New rule: prevent mixed content #20
Comments
Do we know the list of allowed filetypes on MDN ? Subsidiary question: Shouldn't we only use ressources inside of MDN to avoid 404 when the ressource provider doesn't provide the ressources anymore ? |
I think basically you need to check whether the URLs of resources use HTTPS and not HTTP. This isn't about file types or internal vs. external resources. I.e. you just need to check the URL string, not do the request yourself (which would slow down the test suite, anyway). Sebastian |
After a night on it, it is unecessary, I agree.
Still stands, if we should be using internal ressources, I won't implement it the same way. |
And should this return an |
I'm not sure whether there are cases where mixed content should be allowed. If so, it should be Sebastian |
I did a first attempt at a rule, it only checks images, I don't know if they are other sources of mixed content ?. It triggers an |
Original issue Elchi3/mdn-doc-tests#143.
Test if sources are HTTPS (e.g. images) to prevent mixed content.
I believe images and things we embed are already https pretty much everywhere, but it looks like we are not actually testing it.
https://twitter.com/DevDocs/status/718123621491847168
The text was updated successfully, but these errors were encountered: