[openstreetmap/openstreetmap-website] Improve HTTPS security (#3108)

Tom Hughes notifications at github.com
Fri Feb 19 12:54:06 UTC 2021


In fact I think the first point is referring to the fact that we allow http://127.0.0.1:8111 for remote control but that is entirely deliberate and necessary and 127.0.0.1 is a special case - the browsers even recognise that and allow insecure loads from localhost that would not be allowed otherwise so that's really just a bug in the observatory analysis.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/3108#issuecomment-782056293
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20210219/74a5f5cb/attachment.htm>


More information about the rails-dev mailing list