On Wed, Jul 03, 2013 at 10:28:12PM -0400, Jay Ashworth wrote:
I've been using HTTP anywhere (in Firefox), and whatever does that in Chrome, on both Linux and Windows, for some months or more.
Suddenly tonight, I see that Chrome is complaining about mixed-mode security on Twitter -- but not on FB or any other sites I visit that way.
Firefox isn't complaining about Twitter.
Chrome is known to be pickier about this; a site I worked on had to test both cause Chrome would complain when FF did not.
Can some other folks check Twitter over HTTPS/IPv4 tonight and see if they are also getting the slashed-out https indication on Twitter?
I use Twitter via IPv4 (and exclusively the HTTPS scheme), and use Firefox, quite regularly (20-30 times a day). I know exactly what you mean when you say "mixed-mode security" (for readers: accessing a site using HTTPS, but the URLs referenced within that site (for things like CSS, images, etc.) might use HTTP). But what I don't know is where you've seen this. As in a step-by-step for where you commonly see it. Even if it varies, just make an itemised list of steps (from the point you hit http://twitter.com/ to wherever you see the issue) where you commonly see it. I can try to reproduce it there if need be, and/or do some analysis with either Firebug's Network tab or Wireshark, but I need a good starting point! :-) Also, and I probably don't need to tell you this, but too much code on webservers (doesn't matter where (front or back-end)) behaves different based on HTTP User-Agent string. (I could write my own rant about this completely unnecessary approach, but I'll spare folks) -- | Jeremy Chadwick jdc@koitsu.org | | UNIX Systems Administrator http://jdc.koitsu.org/ | | Making life hard for others since 1977. PGP 4BD6C0CB |