for future releases pls use protocol relative URIs
-
U know i´m interesst in installing nodeBB but i wait for a future release
and here is my first request for the Developer!heres a video from the google i/o i mean this is for the future absolute needed! So lets START.
here is the links to on the right time https://www.youtube.com/watch?v=cBhZ6S0PFCY#t=1357you should use this for all the linking stuff...soon as possible
Thanks
-
@ekn33 We do, as far as we know. All internal assets are coded to use the
base_url, which defines http/https for us, so that's up to the configuration to control. Otherwise, assets to other third party assets are protocol-relative.(See: Green lock icon in address bar in this page).
Occasionally, you'll stumble upon a user's avatar that's loaded via HTTP, but that's because a couple months ago, we didn't have SSL enabled.
-
I've just run the TLS-configuration check that gets referenced: https://www.ssllabs.com/ssltest/analyze.html?d=community.nodebb.org
@julian and other @devs (you need group-mentions :P): you may want to double-check the issues listed by this:
- Experimental: This server is vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224) and exploitable.
- The server does not support Forward Secrecy with the reference browsers. MORE INFO »
Btw: great that their link to wikipedia uses http instead of https ^^
- Session resumption (caching): No (IDs assigned but not accepted)
-
@frissdiegurke said:
I've just run the TLS-configuration check that gets referenced: https://www.ssllabs.com/ssltest/analyze.html?d=community.nodebb.org
@julian and other @devs (you need group-mentions :P): you may want to double-check the issues listed by this:
- Experimental: This server is vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224) and exploitable.
- The server does not support Forward Secrecy with the reference browsers. MORE INFO »
Btw: great that their link to wikipedia uses http instead of https ^^
- Session resumption (caching): No (IDs assigned but not accepted)
