Use http or https depending on page access #346
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PhrozenByte
added
pri: Normal
status: Resolved
type: Enhancement
type: Bug
and removed
type: Enhancement
labels
|
Thank you @ghuron! 👍 |
|
I actually have a question about this. Why not always use https for the connection to Google Fonts? That's what I've done in NotePaper and it works fine. Even if the regular page is loaded over http, that doesn't mean the connection to Google Fonts has to use http as well. It just seems like being secure by default would be the better option. 😕 Edit: Reading the changlog, I see that this was done to avoid a "Mixed Content" error when using https. My argument then would be that when using http for loading the page, it's insecure anyway. The browser is not going to complain that a single element was secured on an insecure page (only the opposite). |
PhrozenByte
added a commit
that referenced
this pull request
Apr 21, 2016
See #346 (comment) (via #346 / d6accc2), thanks @smcdougall
|
Good point, thank you @smcdougall 😃 |
PhrozenByte
added a commit
that referenced
this pull request
May 11, 2016
```
* [Changed] Improve documentation
* [Changed] Heavily extend nginx configuration docs
* [Changed] Add CSS rules for definition lists to default theme
* [Changed] Always use `on404Content...` execution path when serving a `404.md`
* [Changed] Deny access to `.git` directory, `CHANGELOG.md`, `composer.json`
and `composer.lock` (`.htaccess` file)
* [Changed] Use Pico's `404.md` to deny access to `.git`, `config`, `content`,
* `content-sample`, `lib` and `vendor` dirs (`.htaccess` file)
* [Fixed] #342: Fix responsiveness in default theme
* [Fixed] #344: Improve HTTPS detection with proxies
* [Fixed] #346: Force HTTPS to load Google Fonts in default theme
```
PhrozenByte
added a commit
to picocms/pico-theme
that referenced
this pull request
May 1, 2017
See picocms/Pico#346 (comment) (via #346 / d6accc2), thanks @smcdougall
germede
pushed a commit
to germede/pico-theme
that referenced
this pull request
Jan 27, 2024
See picocms/Pico#346 (comment) (via #346 / d6accc2), thanks @smcdougall
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.