Project

General

Profile

Actions

Defect #17722

closed

Plugin update check not working if redmine is viewed over https

Added by Philip Schiffer over 10 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
High
Category:
Website (redmine.org)
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

Chrome silently blocks any request to insecure sites:

[blocked] The page at 'https://<servername>/admin/plugins' was loaded over HTTPS, but ran insecure content from 'http://www.redmine.org/plugins/check_updates?<plugin info>': this content should also be loaded over HTTPS.

This causes breaks the plugin update checker. redmine.org should be accessible over https and the check should use the secure site if https is selected in the redmine settings. I'd also like to note that redmine.org is transmitting username and password unencrypted which is really bad!


Files

Actions

Also available in: Atom PDF