-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 All,
If you use https://tomcat.apache.org you'll see a security warning in various browsers due to mixed-content. The problem is that the "Support Apache" logo in the upper right-hand corner of the page is served via HTTP instead of HTTPS. The other images on the page come from tomcat.apache.org, and are referenced using relative paths, so they inherit the protocol from the parent page. The Support Apache logo comes from www.apache.org and can't be a relative link. I'd like to fix this issue, and there are two possible approaches: 1. Always use HTTPS: just change the link protocol to https:// 2. Use a protocol-relative link[1], whose use has been ... discouraged[2 ] Does anyone care one way or the other? Thanks, - -chris [1] https://www.paulirish.com/2010/the-protocol-relative-url/ [2] ibid. -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJZg11+AAoJEBzwKT+lPKRY58AP/jWpdAtQ5OPWHmVZeQJqFeRm 4IYoQU3q7UAS+KYeUbfdfFE3f3OUO1BvZ1Ewqgf3SBtFcobtk+aeajhcWhCoijZ2 F+sA/9cvWFE9X8njNr3B+Z53apnS7x7Qlo/VZwT/kYwV2iZs2NhXlEzuhzVg37se xJ304BPMmDuJgCsjIOt9MG+sBimZ0HPloqhYaZViUO/iNDA+MpNRiUVnZ6Rfo1D2 dBRDTpQqF8jpNaA7nXkHeea+ghpyK2NQ5HW3c1+rLO1hCUTrSuOuQBEDzMB0kt7p lij2W3a2HIbsd/n4w9cT+mWdJxby/MCfcvjD2r8A83Z36KJWRzCGusiNcN00MJUl +GegW9YTUMHtrphSvbv69JrqI/9BpM+jhFaz2lTmbDUaEGWvhZsNeKyK8X9/97gF tJH5kdzHxDEj0fNsURYb66gtSgcL+dT8sPx+CMi8SkN6D2Zwk4YJtkdLBk4rguKq JPM3H+8uFsK4cVHmiPHRlfsup+TcQxEQ7y/7oas7Q8Dc9KXE5EHf+fbTonwEfQFe mFaok/qVrcZI3VHz1JQ9zkGwplsXDz2Ha/oyhFFGye0XPi+K5byISOq3t4csGuTg FwAttYD1fvlhA8/N2/ytSBVF9JPRyOtH5DlAwPb5lb4/UKEPDEhx8bD7kmc4weLA SHtI7btvU7VoJDqYZ5sS =jX2Z -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
