We just upgraded from 3.4.2 to 3.4.3.1 and noticed that top.jsp references jquery javascripts via http://ajax.googleapis.com.
This is in both: WEB-INF/view/jsp/default/ui/includes/top.jsp WEB-INF/view/jsp/services/includes/top.jsp It came to our attention because in 3.4.3.1, the protocol is http not https which raised a browser warning for insecure content referenced in an https page. I see in 3.4.6 that the references have been changed to https but I'm still left wondering if it would not be better to just distribute the jquery scripts with cas or something in the maven build process that would download them and include them in the war file. The way it is now, I'm guessing that a loss of Internet access would cause problems for users on a LAN where everything else on the LAN should otherwise work. The same would be true for users behind a captive portal with limited WAN access but a need to authenticate to LAN based services. Apologies in advance if I am misunderstanding something in how this works or beating a dead horse if this has already been discussed. -James James Gutholm The Evergreen State College 2700 Evergreen Parkway NW , Olympia, WA 98505 360.867.6635 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
