[Savannah-help-public] [sr #108126] Savannah web site is only partially

savannah-hackers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-help-public] [sr #108126] Savannah web site is only partially

From:	Francesco Poli
Subject:	[Savannah-help-public] [sr #108126] Savannah web site is only partially encrypted (https)
Date:	Sun, 09 Sep 2012 12:57:18 +0000
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:10.0.7) Gecko/20100101 Firefox/10.0.7 Iceweasel/10.0.7

URL:
  <http://savannah.gnu.org/support/?108126>

                 Summary: Savannah web site is only partially encrypted
(https)
                 Project: Savannah Administration
            Submitted by: frx
            Submitted on: Sun 09 Sep 2012 02:57:17 PM CEST
                Category: Savannah website
                Priority: 5 - Normal
                Severity: 6 - Security
                  Status: None
             Assigned to: None
        Originator Email: 
        Operating System: None
             Open/Closed: Open
         Discussion Lock: Any

    _______________________________________________________

Details:

Hello,
navigating https://savannah.gnu.org/ is and has been rather annoying for a
number of months.
At each single page load, my browser (Iceweasel on Debian GNU/Linux) warns me
that the web site is only partially encrypted. I want to see that warning,
since I want to know what's going on, so disabling the warning is no
solution.

Moreover, this is not only annoying, but also a security issue, since the
browser, once it sees that the page is only partially encrypted, no longer
guarantees that all the connection is correctly encrypted. Hence, it seems to
me that there's no way to be sure that, e.g., the password I am entering while
logging in is not sent in clear text. 

I would like to see Savannah fixed: I think that the problem is the banner
image which is directly taken from an external web site:
http://static.fsf.org/fsforg/img/thin-image.png
But it's possible that other similar issues exist.

Please substitute any external image with a local copy, sent to the browser
through the SSL/TLS encrypted connection. Then please check that the HTTPS
navigation works properly.

Thanks for your time.




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?108126>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[Savannah-help-public] [sr #108126] Savannah web site is only partially encrypted (https), Francesco Poli <=
- [Savannah-help-public] [sr #108126] Savannah web site is only partially encrypted (https), Michael J. Flickinger, 2012/09/10

Prev by Date: [Savannah-help-public] [sr #108124] Cannot View Other Branches In Loggerhead
Next by Date: [Savannah-help-public] [sr #108127] I can't setup git for my project
Previous by thread: [Savannah-help-public] [sr #108125] Can't find my username
Next by thread: [Savannah-help-public] [sr #108126] Savannah web site is only partially encrypted (https)
Index(es):
- Date
- Thread