[BlueOnyx:19299] Re: Wiki / MailMan not working when logged in using SSL

Thu Mar 10 14:21:59 -05 2016

Chris,

> OR.... allow the exception in your browser?

I just tried, IE, Edge, Chrome and Firefox and all have by default the 
feature enabled that do not allow you to load unsecure data while a secure 
session is established.

Safari was the only one that allowed it to happen.

While I could definitely follow your instruction of allowing the exception 
in my browser, telling any customer who uses the site to do the same is not 
going to work.

Also I personally love that the browsers require a secure session to return 
all secure content and block anything that is not. Too many developers do 
not fully understand the implication of making mixed requests, especially if 
you end up doing so to the same domain as things like authentication 
tokens/cookies that you thought were secure are now being transmitted over 
the wire insecurely.

Here are some options that I think should be considered.

-Mailman
    - Few options
         a) Have the mailman interface open in a new browser window
            - Could possibly implement this to only happen when a secure 
connection is being used
         b) Modify web server to service mailman requests on port 81 as well
                - Remove protocol from url link so that it works from 
whatever protocol and port is being operated on

- Wiki
    - Few options
        - Obtain a secure SSL certificate for wiki.blueonyx.it
            - Setup to listen for secure requets
            - Remove the protocol from the URL so that it will work via 
http/https
        - Option in a new browser window instead when secure is being used
        - Provide option to run documentation locally instead of remotely 
and allow to be served via http/https