Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

picocms.org could be served over https #514

Closed
arthurzenika opened this issue Oct 17, 2019 · 12 comments
Closed

picocms.org could be served over https #514

arthurzenika opened this issue Oct 17, 2019 · 12 comments

Comments

@arthurzenika
Copy link

It would be nice for the landing page for the project to be served using https on https://picocms.org/

@PhrozenByte
Copy link
Collaborator

PhrozenByte commented Oct 17, 2019

Indeed. I'll suggest @picocms to do the necessary changes (unfortunately it's a bit more than just hitting a button or something), but it might take some time.

@Croydon
Copy link

Croydon commented Jul 21, 2020

Since the website gets served over GitHub pages and GitHub pages has support for https, even for custom domains, it might be actually as easy as hitting a button 😄

@NicoHood

This comment has been minimized.

@xpunkt
Copy link

xpunkt commented Mar 21, 2021

leave http and https not used in links its solved, the homepage with the content is still https hosted, but links in content does not need to spesify http or https protocol

@mayamcdougall
Copy link
Collaborator

Alright, so, I feel compelled to address some of this, if just to answer questions for anyone who visits this Issue in the future.

@NicoHood PicoCMS.org utilizes GitHub Pages, which uses Jekyll as a framework. The website unfortunately does not use Pico itself, simply because GitHub Pages is a more economical solution that paying for a web host to run it with Pico.

Pico is perfectly capable of running a site that utilizes HTTPS. Furthermore, it's the responsibility of the web server to provide HTTPS in the first place, not the framework the site is built with. I suspect that your comment is more trolling than actual curiosity in the matter, but hopefully this clarifies it for anyone with this misunderstanding in the future.

@xpunkt I'm sorry, but I don't really understand your comment and how you're suggesting the solve the problem, but it's not really relevant anyway, for reasons I'll get to below.


To answer the question, as far as I know, the reason PicoCMS.org doesn't use HTTPS comes down to a logistical issue, not a technical one. The original owner of the PicoCMS project page here on GitHub, which holds our repositories, is no longer active with the project. They are also the owner of the PicoCMS domain name.

It has been a long time since they were active with the project, and while for some time they were available, on occasion, to address concerns such as this (again, as far as I know) that was a long time ago.

Unfortunately, they never turned over access to the PicoCMS account itself or domain before moving on. While we have read/write access to the individual repos, and code contributions continue, certain management aspects (such as "switching on" https, as simple as it would seem) remain beyond our reach.

I'll say one final time, this information is simply as far as I know, and my recollection of some of the details might be incorrect. I just wanted to provide some insight to anyone asking in the future.


@PhrozenByte Has any progress been made on this front? If this is something you'd like to work on, we can (and probably should) discuss the details at some point in private.

Hopefully I haven't overstepped my bounds here by recounting what I think I remember on the situation. I just felt that a statement on the matter might help explain why this "simple" matter has taken so long. Also, I wasn't happy with the idea that some people might misinterpret this issue as a shortcoming of Pico itself.

@picocms
Copy link
Owner

picocms commented Mar 23, 2021

Hi, Pico owner here.

Nobody contacted me to request anything on my end and I have answered each time anyone has reached out.
I've made the switch to HTTPS.

@PhrozenByte
Copy link
Collaborator

@picocms Good to hear from you again! Thank you for switching. ❤️ Do you have a new email address? Because I've sent you multiple emails about this in the past (all of them a rather long time ago, not recently). You still got my email address, right? Can you please send me an email, just to be sure that emails don't vanish/are getting blocked/redirected to spam/etc.?

Closing this as resolved 👍

@picocms
Copy link
Owner

picocms commented Mar 23, 2021

@picocms Good to hear from you again! Thank you for switching. ❤️ Do you have a new email address? Because I've sent you multiple emails about this in the past (all of them a rather long time ago, not recently). You still got my email address, right? Can you please send me an email, just to be sure that emails don't vanish/are getting blocked/redirected to spam/etc.?

Closing this as resolved 👍

Hi @PhrozenByte - I'm still on the same email. I have you as picocms.org@[your-domain]. I Will drop you an email here but let me know if you don't receive and we can work something else out.

@Croydon
Copy link

Croydon commented Mar 23, 2021

By the way, if the sharing of permissions is not a trust issue, but rather what GitHub allows to share on single repositories, then I think you should convert picocms into an actual GitHub organization

https://docs.github.com/en/github/setting-up-and-managing-your-github-user-account/converting-a-user-into-an-organization

@Croydon
Copy link

Croydon commented Mar 23, 2021

This file still needs to be switched to https in the website's source code

Blocked loading mixed active content “http://remy.github.com/twitterlib/twitterlib.js” twitter.min.js:10:2767
Loading failed for the <script> with source “http://remy.github.com/twitterlib/twitterlib.js”.

@mayamcdougall
Copy link
Collaborator

Hello @picocms. 👋 ❤️

Thank you for taking care of this for us. I'm sorry, I did not mean any disrespect in my comment. I was just explaining the situation, as far as I knew it, in hopes of answering some of the recent interest this issue had gotten. I was going off of @PhrozenByte's inability to contact you a while back, and I think we were both assuming at this point that you might have lost interest in the project over time. No hard feelings if that should be the case, now or in the future, but it might be a good idea to set up some contingency plans with @PhrozenByte now that you guys are back in contact.

@Croydon Brings up an interesting point while I'm writing this about whether we should look into making PicoCMS a proper GitHub organization (something that I think used to be a paid option back then but isn't anymore 🤔). This might be something for you both to discuss. While it wouldn't have solved the https issue on it's own, it might be a good "forward thinking" thing to consider.

Also, @Croydon I'll look into the website in a bit, I'm sure there's some loose ends that'll need cleaning up now. Thanks for mentioning it. 😉

And thanks again for taking care of this @picocms. I'm hoping you and @PhrozenByte can get all your contact issues sorted out now. 😁

@PhrozenByte
Copy link
Collaborator

Thank you for the great explanations @mayamcdougall! 👍

@picocms Thank you, I got your e-mail. I've just send you an answer, let me know if it didn't reach you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

7 participants