On Tue, 14 May 2013, David North wrote: > Package: nagios3-cgi > Version: 3.4.1-3 > Severity: normal > Tags: upstream > > (1) Install nagios3-cgi > (2) Tweak apache config to mount the web interface on an https URL, that is, > with SSL > (3) Visit the web interface at https://yourserver > > At this point, the browser warns that some elements of the page are not > encrypted. > > This warning can take the form of a modal dialog in some browsers and is > annoying > and confusing. > > Looking at the 'net' panel in firebug reveals this URL being fetched: > > http://assets.nagios.com/images/corepromos/2012-01-26-trainingsplash.jpg > > The 'Latest News' RSS feed appears to be including images over plain HTTP > > I've commented out lines 19-24 of /usr/share/nagios3/htdocs/main.php to work > around this. > > Can we persuade upstream to serve this stuff over HTTPS? Or have an option to > disable > these feeds? > > Happy to work on a patch for upstream or Debian depending on what you think > best. best would be a patch that patches this rss *censored* out.
Alex -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org