The comment form has an http: action, so if you view blog.mozilla.org over https you get a mixed content warning when trying to submit the form. In Chrome, you get the mixed content warning as soon as you view the page.
(In reply to Cameron McCormack (:heycam) (away October 6 - November 5) from comment #0) > The comment form has an http: action, so if you view blog.mozilla.org over > https you get a mixed content warning when trying to submit the form. In > Chrome, you get the mixed content warning as soon as you view the page. On which particular blog are you seeing this? It's is almost certainly something hard-coded in the theme but different blogs use different themes.
It wasn't the theme after all, it was the site URL in the blog settings. I've updated that to https for the security blog so this should be fixed, at least for this specific case. Although the server forcibly redirects to https, there's a field in WordPress for each blog's full, canonical URL. That value gets used when theme code needs to reflect a full URL rather than a relative one, as in this form action. We should comb through the other blogs to catch any others that still have an http URL in their settings. Thanks for reporting!
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.