Page MenuHomePhabricator
Create Task
Maniphest T96818

Shop homepage on HTTPS contains insecure submission form
Closed, ResolvedPublic
Actions

Description

In latest Google Chrome, the store throws a warning for insecure interactions on the page.

Mixed Content: The page at 'https://store.wikimedia.org/' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://wikimediafoundation.us4.list-manage2.com/subscribe/post?u=438f0ff3a0fa6a75eeaea7498&id=906a788d5c'.

This endpoint should be made available over a secure connection, or the footer should be changed to not embed a form but merely link to the external form page by anchor link.

Related Objects
Search...

Event Timeline

Krinkle created this task.Apr 22 2015, 5:12 AM
Krinkle raised the priority of this task from to High.
Krinkle updated the task description. (Show Details)
Krinkle added projects: HTTPS, Wikimedia-Shop.
Krinkle added subscribers: Jalexander, Krinkle, Pcoombe.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 22 2015, 5:12 AM
Krinkle updated the task description. (Show Details)Apr 22 2015, 5:12 AM
Krinkle set Security to None.
Dzahn moved this task from Backlog to Blocked on External on the HTTPS board.Dec 3 2015, 7:33 PM
Krinkle unsubscribed.Dec 3 2015, 8:32 PM
Krinkle closed this task as Resolved.Dec 5 2015, 10:13 PM
Krinkle claimed this task.
Krinkle updated the task description. (Show Details)

This form uses a different provider now (https://www.pages04.net/wikimedia/wms/Form instead of Mainchip's non-HTTPS list-manage2.com).

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL