Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/pkgsite: mixed content warning on overview pages with links to third-party, insecure content #40480

Open
andybons opened this issue Jul 29, 2020 · 1 comment
Open

x/pkgsite: mixed content warning on overview pages with links to third-party, insecure content #40480

andybons opened this issue Jul 29, 2020 · 1 comment
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. pkgsite/frontend Issues related to pkgsite HTML/CSS/JavaScript and frontend development pkgsite
Milestone
pkgsite/frontend

Comments

@andybons
Copy link
Member

https://pkg.go.dev/github.com/sirupsen/logrus@v1.6.0?tab=overview triggers a mixed-content warning “Not Secure” in Chrome’s location bar.

GitHub (https://github.com/sirupsen/logrus/blob/v1.6.0/README.md) serves these assets themselves via https with a data-canonical-url attribute containing the original source.

NPM serves mixed content (https://www.npmjs.com/package/moment).
@andybons andybons added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. pkgsite labels Jul 29, 2020
@andybons andybons added this to the Unreleased milestone Jul 29, 2020
@andybons andybons changed the title pkgsite: mixed content warning on overview pages with links to third-party, insecure content x/pkgsite: mixed content warning on overview pages with links to third-party, insecure content Aug 12, 2020
@julieqiu julieqiu modified the milestones: Unreleased, pkgsite/frontend Aug 27, 2020
@julieqiu julieqiu removed the website label Sep 19, 2020
@julieqiu julieqiu removed the website label Sep 19, 2020
@mvdan
Copy link
Member

mvdan commented Nov 17, 2020

I encounter the same on https://pkg.go.dev/github.com/dgraph-io/badger/v2@v2.2007.2.

It actually made me think there was a legitimate security bug in pkgsite itself, and the warning is kind of scary on Firefox.

@hyangah hyangah added the pkgsite/frontend Issues related to pkgsite HTML/CSS/JavaScript and frontend development label May 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. pkgsite/frontend Issues related to pkgsite HTML/CSS/JavaScript and frontend development pkgsite
Projects
None yet
Milestone
pkgsite/frontend
Development

No branches or pull requests
5 participants
@andybons @mvdan @hyangah @julieqiu @gopherbot