On Wed, Jul 3, 2013 at 8:21 PM, Jay Ashworth <jra@baylink.com> wrote:
----- Original Message -----
From: "Jeremy Chadwick" <jdc@koitsu.org>
I know exactly what you mean when you say "mixed-mode security" (for readers: accessing a site using HTTPS, but the URLs referenced within that site (for things like CSS, images, etc.) might use HTTP).
But what I don't know is where you've seen this. As in a step-by-step for where you commonly see it. Even if it varies, just make an itemised list of steps (from the point you hit http://twitter.com/ to wherever you see the issue) where you commonly see it.
Generally, anywhere I go on twitter's site (since it's AJAX now, there really isn't anywhere you "go"), it's https and it's not crossed out, as Chrome does to indicate mixed-mode.
As of tonight, I'm getting the "crossed-out https" indicator everywhere, even after a cache purge and a Ctrl-F5 reload.
This explains the meaning of the crossed-out https indicator: https://support.google.com/chrome/answer/95617?p=ui_security_indicator&rd=1
I can try to reproduce it there if need be, and/or do some analysis with
either Firebug's Network tab or Wireshark, but I need a good starting point! :-)
Remind me where Chrome identifies what's unsecure, and I'll go look it up.
From the chrome menu (the three lines at the top right), select Tools, then Javascript Console. That should give you an error where things went wrong, and tell you specifically what it's unhappy about.
Damian
Also, and I probably don't need to tell you this, but too much code on
webservers (doesn't matter where (front or back-end)) behaves different based on HTTP User-Agent string. (I could write my own rant about this completely unnecessary approach, but I'll spare folks)
Sure. But this is "change in working environment, not apparently prompted by anything user-side".
Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274 _______________________________________________ Outages mailing list Outages@outages.org https://puck.nether.net/mailman/listinfo/outages