On Tue, Feb 15, 2011 at 4:36 PM, Walter McGinnis <wal...@katipo.co.nz> wrote: > Now, in practice implementing this has challenges. I'm the lead developer on > Kete, an open source Ruby on Rails app (http://kete.net.nz), and recently > wanted to make the switch to fully HTTPS for a site and the Kete app when > used with HTTPS. > > I encountered the headache of mixed content warnings.
What problems does this present in practice? I notice Gmail sometimes serves mixed content without my browser complaining significantly. The UI changes a bit, but nothing worse than normal http:// UI. > All this boils down to, yes full HTTPS is best practice, but if you make use > of external APIs or services, it may be hard to achieve. Using an external API or service by including stuff from third-party sites would send users' IP addresses to those sites, which would violate Wikimedia's privacy policy, so this isn't an issue for us. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l