viewing blog.m.o over https causes mixed content warning when submitting a comment

RESOLVED FIXED

Status

RESOLVED FIXED
4 years ago
2 months ago

People

(Reporter: heycam, Unassigned)

Tracking

Details

(Reporter)

Description

4 years ago
The comment form has an http: action, so if you view blog.mozilla.org over https you get a mixed content warning when trying to submit the form.  In Chrome, you get the mixed content warning as soon as you view the page.
(In reply to Cameron McCormack (:heycam) (away October 6 - November 5) from comment #0)
> The comment form has an http: action, so if you view blog.mozilla.org over
> https you get a mixed content warning when trying to submit the form.  In
> Chrome, you get the mixed content warning as soon as you view the page.

On which particular blog are you seeing this? It's is almost certainly something hard-coded in the theme but different blogs use different themes.
It wasn't the theme after all, it was the site URL in the blog settings. I've updated that to https for the security blog so this should be fixed, at least for this specific case. 

Although the server forcibly redirects to https, there's a field in WordPress for each blog's full, canonical URL. That value gets used when theme code needs to reflect a full URL rather than a relative one, as in this form action. We should comb through the other blogs to catch any others that still have an http URL in their settings.

Thanks for reporting!
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
(Reporter)

Comment 4

4 years ago
Thanks Craig!

Updated

2 months ago
Product: Websites → Websites Graveyard

Updated

2 months ago
Product: Websites Graveyard → Websites

Updated

2 months ago
Product: Websites → Websites Graveyard
You need to log in before you can comment on or make changes to this bug.