Zotonic 0.62.0 has been released.
1 Like
My browser really really doesn’t like that their site isn’t HTTPS capable, I get a warning I have to click through on every link in it… ^.^;
1 Like
Yeah I’m using firefox with enforced HTTPS mode enabled in its options so I don’t accidentally access non-https pages without a big warning, which is this:
1 Like
Looks like a bug in FireFox then as it should turn off HTTPS-only mode for the whole site while you’re active on it?
Personally I am quite happy with the notice in the address bar, as it’s surprisingly noticeable (hence don’t feel a need for a strict mode).
1 Like
That’s not the point of Enforced HTTPS Mode, disable it if you want that. The site uses different subdomains for things like between the main site and demo and so forth, the temporarily allowed bit is per subdomain, which is the smart way to do it.
1 Like
Ah yeah it will treat the demo subdomain as a separate site (but I thought you meant it was happening for every page you were clicking 
)
1 Like
Most links I was clicking happened to go to different domains and subdomains, lol. I’m still very surprised that non-https sites, especially for CMS’s, still exist!
1 Like
Looks like they have 3 domains, the root, then docs. and demo. - yeah I’m surprised why they’re not using letsencrypt though someone did post (on EF I think) reasons why they wouldn’t (think it was to do with not being at the mercy of certificate authorities)…
1 Like
Self signed certs aren’t any better though, lol, trivially replaceable by a MITM. ^.^;
Honestly there needs to be some way to distribute root certificates with authentication to a domain, might actually be a useful usecase of blockchain…
1 Like