*** This bug is a security vulnerability *** You have been subscribed to a public security bug:
Pages on the domains help.launchpad.net and dev.launchpad.net (for example the main pages <URL:https://help.launchpad.net/> and <URL:https://dev.launchpad.net/>) include a reference to the image <URL:http://i.creativecommons.org/l/by/2.0/uk/80x15.png> each. This image is served via HTTP, as you can see from the URI, so this results in insecure content (sometimes this combination is called „mixed content“) being served to the User Agent. Either the image needs to be copied to the launchpad servers, and served from there via HTTPS, or a HTTPS reference to a Creative Commons host needs to be used. In the latter case, make sure to get in touch with the people at creativecommons.org, because i.creativecommons.org uses the certificate issued for api.creativecommons.org, and accessing creativecommons.org via TLS (port 443, HTTPS) results in a security warning for me. In the former case, I am not sure about the copyright status of the CC badge (but it *should* be at least CC-licensed, shouldn’t it? :-) ). The problem may appear on other domains than help.launchpad.net and dev.launchpad.net as well, but as I do not have a list of all launchpad domains, I could not check. Someone should verify that please. It does not appear on <URL:https://launchpad.net/> or <URL:https://edge.launchpad.net/>, though. ** Affects: launchpad-documentation Importance: Low Status: Triaged ** Tags: certificate https insecure mixed-content security tls x.509 -- Insecure content (CC license badge) on secure sites help.launchpad.net and dev.launchpad.net https://bugs.edge.launchpad.net/bugs/488241 You received this bug notification because you are a member of Launchpad Documentation Team, which is subscribed to Launchpad Documentation. _______________________________________________ Mailing list: https://launchpad.net/~launchpad-doc Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-doc More help : https://help.launchpad.net/ListHelp
