To prevent a man-in-the-middle messing with downloaded code, could you please support HTTPS?
The Prism website is hosted by Github Pages https://pages.github.com/. Is it possible to use HTTPS with that?
Sadly not directly :( But it is possible to put Cloudflare in front of it using it's "Universal SSL"
Given that Cloudflare is not free, if you want to pay for it @fuzzyroddis, I'm game. Otherwise, I'm not sure how that would work, given that Prism is a non-profit project with no funds.
(Hmm, I wonder if there's a good service to use that is easy to set up, to let people donate to the project. It would be useful for things like this)
@LeaVerou totally understand about costs. https://www.cloudflare.com/plans/ has a free plan, which is probably just burning through their vc money at this point :P
GitHub has enabled this for free for custom domains with LetsEncrypt. @LeaVerou I think an admin needs to make the changes to turn this on.
When I go to do that, it's not enabled 馃槙

Unavailable for you site because your domain is not properly configured to support HTTPS.
I guess there is some action to perform on the domain to enable/configure a LetsEncrypt certificate first, before we can enforce HTTPS.
Done! Thanks @mAAdhaTTah for your help!
Sweet! Happy to help.