Plots2: Convert any remaining mixed content (http/https) to prepare for Chrome change

Created on 4 Oct 2019  Â·  16Comments  Â·  Source: publiclab/plots2

Chrome will soon start blocking any http content loaded from an https page - not just scripts and iframes, but images, etc.

https://www.bleepingcomputer.com/news/google/google-chrome-to-gradually-start-blocking-mixed-content-by-default/

We did this for iframes and scripts a while back but we should plan to scan for any http:// in our codebase and fix it! It could make for good first timer issues, too. The standard GitHub search is not bad for finding things like this, so please paste in code links in the comments as you find them.

Then, we'll have to develop a script to do this for all site database content as well. That'll be harder.

Any help appreciated!

feature fto-candidate hackoctoberfest help wanted
Source
picture jywarren
🎉1

Most helpful comment

Hi, I just wanted to give a heads-up and say that I'm going to make some FTO issues out of this one...

There are still a few places in the codebase with http links. Some of them seem to be irrelevant to this issue. _(Like, one of them seems to be a footer in an automated email from the server, and there are a few that are simply Ruby and JS commented code snippets.)_

However there are a few I'm thinking would be good to update to https.

I was thinking I would make a single issue listing out multiple places in the app, so multiple first-timers can link and pull to just a single issue. (In the style of something like issue 8545). Should be done by end of day.

(Outreachy applicant here, and pretty new to Public Lab's codebase, so open to pointers!)

picture noi5e on 15 Oct 2020
1 🎉1 😄1

All 16 comments

Could I claim this issue? Thanks!

deboragaleano picture deboragaleano on 4 Oct 2019

Hi @jywarren. I just did a standard GitHub search and it gives me 78 code results, see below:

Screen Shot 2019-10-05 at 11 36 40

Here are some examples of code links that I found (there are more, of course!):

https://github.com/publiclab/plots2/blob/7c9d0637170ec8d39be8f773c6761a225ce7cf87/static/index.html

https://github.com/publiclab/plots2/blob/5c0d96274bd0be15feba69d8f30093082402ace5/public/422.html

https://github.com/publiclab/plots2/blob/5c0d96274bd0be15feba69d8f30093082402ace5/public/404.html

However, I'm not so sure how to go about converting or developing a script to fix all these links.

deboragaleano picture deboragaleano on 5 Oct 2019

@deboragaleano Can you do a replace -> replace all in your text editor program? I know VSCode has that option.

nstjean picture nstjean on 10 Oct 2019

Hi @nstjean, yes sure, thanks for your message. I use VSCode so I'll try to a replace :)

deboragaleano picture deboragaleano on 11 Oct 2019

Hi @deboragaleano, do you need any help with this issue?

IvetaHron picture IvetaHron on 15 Oct 2019

Hi @IvetaHron, I've been having issues with my computer so this may take a while. If you want to go ahead, please do ;)
Thanks!

deboragaleano picture deboragaleano on 16 Oct 2019

Hi @deboragaleano, thank you. I will start to work on it tomorrow. I will keep you posted.

IvetaHron picture IvetaHron on 16 Oct 2019

Thanks for your PR.
I will review it in a minute

SidharthBansal picture SidharthBansal on 31 Oct 2019

I think we are still left with some http.
@IvetaHron can you please help in creating the FTOs instead of opening PRs for Google Code In.
Thanks

SidharthBansal picture SidharthBansal on 31 Oct 2019

This is all really good work. Noting that for some uses you can use "//
publiclab.org/..." and omit "http:" or "https:" and it will default to the
one that's being used on the page you're on.

Also, let's continue to do this in relatively small pieces rather than a
huge find/replace of the whole codebase - that way we can diagnose when/if
things go wrong piece by piece. Thanks to everyone! Great work!!!!

On Thu, Oct 31, 2019 at 10:57 AM Sidharth Bansal notifications@github.com
wrote:

I think we are still left with some http.
@IvetaHron https://github.com/IvetaHron can you please help in creating
the FTOs instead of opening PRs for Google Code In.
Thanks

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/publiclab/plots2/issues/6391?email_source=notifications&email_token=AAAF6J5E2V46GTXVTZXZYKTQRLW2NA5CNFSM4I5PQLG2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOECYCR5Q#issuecomment-548415734,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AAAF6J7SH5544JGVWTGZE3TQRLW2NANCNFSM4I5PQLGQ
.

jywarren picture jywarren on 31 Oct 2019

Hi @SidharthBansal, @jywarren thank you for reviewing my PRs. I have created new FTO issue - https://github.com/publiclab/plots2/issues/6834 for GCI, but I could not add the GCI label to it. I will continue creating more new issues in coming days.

IvetaHron picture IvetaHron on 21 Nov 2019

Sorry for delayed reply. You can surely create new ftos.
Thanks for your support.

On Fri, Nov 22, 2019 at 3:23 AM IvetaHron notifications@github.com wrote:

Hi @SidharthBansal https://github.com/SidharthBansal, @jywarren
https://github.com/jywarren thank you for reviewing my PRs. I have
created new FTO issue - #6834
https://github.com/publiclab/plots2/issues/6834 for GCI, but I could
not add the GCI label to it. I will continue creating more new issues in
coming days.

—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
https://github.com/publiclab/plots2/issues/6391?email_source=notifications&email_token=AFAAEQ42JW45JQURST2NUGTQU37L5A5CNFSM4I5PQLG2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEE3Y43Q#issuecomment-557289070,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AFAAEQ4D6HVYLCPUG5EZIATQU37L5ANCNFSM4I5PQLGQ
.

SidharthBansal picture SidharthBansal on 28 Nov 2019

Hi! Can I work with this?

Karska-dev picture Karska-dev on 10 Oct 2020

Hi, I just wanted to give a heads-up and say that I'm going to make some FTO issues out of this one...

There are still a few places in the codebase with http links. Some of them seem to be irrelevant to this issue. _(Like, one of them seems to be a footer in an automated email from the server, and there are a few that are simply Ruby and JS commented code snippets.)_

However there are a few I'm thinking would be good to update to https.

I was thinking I would make a single issue listing out multiple places in the app, so multiple first-timers can link and pull to just a single issue. (In the style of something like issue 8545). Should be done by end of day.

(Outreachy applicant here, and pretty new to Public Lab's codebase, so open to pointers!)

noi5e picture noi5e on 15 Oct 2020
1 🎉1 😄1

Just noting this is a great idea, and plenty of places to do this! For some cases, you can use // instead of https:// and it will just default to whatever the current page is using. But that won't work in, for example, an email template.

Anyways, this is awesome, thanks!!!

jywarren picture jywarren on 16 Oct 2020

Thanks @noi5e ! Looks like your new issue got a lot of uptake with 5+ contributors writing code towards it, thank you for unblocking these contributions!
Once that issue is closed, let's be sure to come back here and close this one too :)

ebarry picture ebarry on 19 Oct 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

RuthNjeri picture RuthNjeri  Â·  3Comments
keshavsethi picture keshavsethi  Â·  3Comments
shapironick picture shapironick  Â·  3Comments
milaaraujo picture milaaraujo  Â·  3Comments
keshavsethi picture keshavsethi  Â·  3Comments