Hard for me to have an opinion, but if there is a jira issue open for it I will try to remember to fix what inflexibility is being created with the current system.
On 6/19/06, Kevin Menard <[EMAIL PROTECTED]> wrote:
On Sun, 18 Jun 2006 12:41:43 -0400, Giampaolo Tomassoni <[EMAIL PROTECTED]> wrote: >> I'm really getting pissed about this (and feeling more and more stupid >> after each new failed attempt). Especially since the constraint to mix >> HTTP and HTTPS pages has been forced upon me with the explanation that >> everybody does it due to bad performance of HTTPS, which I'd give my >> right arm if we would ever see in this particular application. :-( > > Switching back to http was an old habit: five years ago, when internet > bandwidth were really narrow and cpu power wasn't that high, it could > have made a difference. Today these are not anymore issues. I would try > to stress this fact and the security issues the http/https mixup may > arise. There are actual reasons for switching back. E.g., we use Google Analytics, which requires linking to an external JavaScript file. The file is only hosted on HTTP. If I link to it from an HTTPS page, IE pops up and says "this page mixes secure and insecure resources -- do you want to continue?" The solution is to remove the link from any page accessed via HTTPS. If I can't switch back to HTTP, however, then it's a moot point because things will still break when users look at anything else on the site. It seems to me that if you're going to advocate not switching from HTTPS back to HTTP, then you're advocating not to bother with HTTP in the first place . . . -- Kevin --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- Jesse Kuhnert Tacos/Tapestry, team member/developer Open source based consulting work centered around dojo/tapestry/tacos/hivemind.
