Project

General

Profile

Actions

Bug #34203

closed

Images from ter-hoster break SSL address-bar in the browsers + CSP

Added by Xaver Maierhofer over 12 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Extension Manager
Target version:
-
Start date:
2012-02-23
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
4.6
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

Normal i have a secure connection in backend, but images from ter-hoster are http from typo3.
typo3 has also https.
Because of the frames and ajax the address-bar won't be restored in SSL design.
I know SSL is still active, but somebody else maybe don't know it.

CSP Mozilla/Webkit:
The next problem, if you use CSP and say no external images and frames....
https://wiki.mozilla.org/Security/CSP

Maybe add images in typo3 package or load it with php and save it in typo3temp.

Actions #1

Updated by Gerrit Code Review over 12 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/9170

Actions #2

Updated by Georg Ringer over 12 years ago

i did a patch to enforce ssl, however having those images local isn't a one liner, so no patch for that... as there need to be thought about how to update those images, ....

Actions #3

Updated by Gerrit Code Review over 12 years ago

Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/9170

Actions #4

Updated by Gerrit Code Review over 12 years ago

Patch set 3 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/9170

Actions #5

Updated by Gerrit Code Review over 12 years ago

Patch set 1 for branch TYPO3_4-7 has been pushed to the review server.
It is available at http://review.typo3.org/9437

Actions #6

Updated by Gerrit Code Review over 12 years ago

Patch set 1 for branch TYPO3_4-6 has been pushed to the review server.
It is available at http://review.typo3.org/9438

Actions #7

Updated by Gerrit Code Review over 12 years ago

Patch set 1 for branch TYPO3_4-5 has been pushed to the review server.
It is available at http://review.typo3.org/9439

Actions #8

Updated by Georg Ringer over 12 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions #9

Updated by Benni Mack over 5 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF