[HTTPS-E Rulesets] Facebook's "Turn off secure browsing?"
Drake, Brian
brian2 at drakefamily.tk
Fri Jul 1 06:37:33 PDT 2011
All Facebook app content – including custom tabs on pages – is hosted
externally; this is the content that the quoted message was referring to.
Facebook apps seem to be worse, if anything, than the web generally when it
comes to adopting HTTPS (even Facebook
Live<https://www.facebook.com/facebook?sk=app_127337483972992>,
run by Facebook themselves, has mixed content – and that was with my account
set to serve all content over HTTPS when possible).
(Does anyone who is not a computer expert care? In my experience, no one
really understands or cares about Facebook’s “secure browsing” feature
anyway. Another example: Robot Unicorn Attack Forum
Post<https://www.facebook.com/topic.php?uid=112594238780474&topic=751>
)
On Sun, Jun 26, 2011 at 0432 (UTC-8), Osama Khalid <osamak at gnu.org> wrote:
> I just noticed that https://www.facebook.com/teamcoco asks users to
> switch to HTTP connection: "We can't display this content while you're
> viewing Facebook over a secure connection (https)."
>
> Any idea what this is for and what other pages maybe affected?
>
> --Osama Khalid
>
--
Brian Drake
Alternate (slightly less secure) e-mail: brian at drakefamily.tk
Alternate (old) e-mail: brianriab at gmail.com
Facebook profile: Profile ID
100001669405117<https://ssl.facebook.com/profile.php?id=100001669405117>
Twitter username: BrianJDrake <https://twitter.com/BrianJDrake>
Wikimedia project username:
Brianjd<https://secure.wikimedia.org/wikipedia/meta/wiki/User:Brianjd>(been
inactive for a while)
All content created by me
Copyright<http://www.wipo.int/treaties/en/ip/berne/trtdocs_wo001.html>©
2010–2011 Brian Drake. All rights reserved.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere-rules/attachments/20110701/3602b7ef/attachment.html>
More information about the HTTPS-Everywhere-Rules
mailing list