Code: Select all
<script src="://linden0.xkcd.com/linden.js" ...The Garden (1663) comic doesn't work on HTTPS
Moderators: Moderators General, Prelates, Magistrates
The Garden (1663) comic doesn't work on HTTPS
The Garden comic includes a script over unencrypted HTTP (http://linden0.xkcd.com/linden.js). Browsers block this script when browsing XKCD over encrypted HTTPS, and thus, the comic isn't shown. This is a problem if, for example, you've bookmarked the HTTPS version of XKCD of if you're using the Electronic Frontier Foundation HTTPS Everywhere browser extension, which doesn't allow connecting to XKCD over HTTP. It could be fixed by adding a SSL certificate to linden0.xkcd.com and either always serving the script over HTTPS or using a protocol relative link on the comic page:
-
DenverC0der9
- Posts: 1
- Joined: Wed Apr 06, 2016 6:15 pm UTC
Re: The Garden (1663) comic doesn't work on HTTPS
Under HTTPS everywhere, now the comic has transitioned from being blocked in firefox (due to some insecure content) to seemingly an infinite redirect loop, though it is hard for me to tell what is actually going on. In any case, only half the page loads, and the security icon quickly switches back and forth between the "everything is secure" icon and the "secure page with some insecure elements blocked" one.
UPDATE: It seems that the loop is caused by a change to how the site handles https requests. On this comic, it automatically switches to http when given an https request. The unfortunate thing is that HTTPS Everywhere tries to turn that back to https, and they keep fighting each other and never end up loading the page over either protocol. This is not a hard problem to fix (by just turning off the rule for xkcd.com in HTTPS Everywhere) but maybe it could be more elegantly fixed by getting a certificate for linden0.xkcd.com.
UPDATE: It seems that the loop is caused by a change to how the site handles https requests. On this comic, it automatically switches to http when given an https request. The unfortunate thing is that HTTPS Everywhere tries to turn that back to https, and they keep fighting each other and never end up loading the page over either protocol. This is not a hard problem to fix (by just turning off the rule for xkcd.com in HTTPS Everywhere) but maybe it could be more elegantly fixed by getting a certificate for linden0.xkcd.com.
Re: The Garden (1663) comic doesn't work on HTTPS
+1 for this, I get same issue. easiest fix would be to change the URL http://linden0.xkcd.com/linden.js to a protocol-less one i.e. //linden0.xkcd.com/linden.js
Even after disabling https-everywhere and switching to the non-https version of xkcd.com I still get no further than the loading animation... in both Firefox and Safari (latest versions of both on OS X)
Even after disabling https-everywhere and switching to the non-https version of xkcd.com I still get no further than the loading animation... in both Firefox and Safari (latest versions of both on OS X)
Re: The Garden (1663) comic doesn't work on HTTPS
Oh, nearly forgot...
Who were you, DenverCoder9?
What did you see?!
Who were you, DenverCoder9?
What did you see?!
Re: The Garden (1663) comic doesn't work on HTTPS
moloko wrote:+1 for this, I get same issue. easiest fix would be to change the URL http://linden0.xkcd.com/linden.js to a protocol-less one i.e. //linden0.xkcd.com/linden.js
Which would then not work at all when loaded via HTTPS.
Who is online
Users browsing this forum: No registered users and 3 guests