[asterisk-bugs] [Mantis 0016214]: Insecure Google CSS files making Mantis produce mixed content warning
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Nov 10 08:16:48 CST 2009
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=16214
======================================================================
Reported By: davidw
Assigned To:
======================================================================
Project: Mantis
Issue ID: 16214
Category: General
Reproducibility: always
Severity: minor
Priority: normal
Status: acknowledged
JIRA:
======================================================================
Date Submitted: 2009-11-10 06:19 CST
Last Modified: 2009-11-10 08:16 CST
======================================================================
Summary: Insecure Google CSS files making Mantis produce
mixed content warning
Description:
Since about a week ago, Mantis has been producing mixed content warnings
(HTTP on HTTPS page), on explicit page loads and on auto refreshes. It is
not possible to suppress these in normal browsers without compromising
security globally (although many people will have disabled this warning).
It looks like this is the result of including two CSS files from
http://www.google.com/.
======================================================================
----------------------------------------------------------------------
(0113535) davidw (reporter) - 2009-11-10 08:16
https://issues.asterisk.org/view.php?id=16214#c113535
----------------------------------------------------------------------
It's not on every page. It is on the View Issues page and the issue
submission page.
It looks like it is the Google Custom Search, which appears below the
colour key, on the View Issues page. When I reject the mixed content, this
is replaced by the word "Loading". The change is probably in the foreign
content from Google, rather than in the actual Mantis code.
Issue History
Date Modified Username Field Change
======================================================================
2009-11-10 08:16 davidw Note Added: 0113535
======================================================================
More information about the asterisk-bugs
mailing list