We just enabled HTTPS on our discourse instance, but are receiving mixed content warnings because a few of the images posted on our forum have http:// URLs.
Checking the box for setting download remote images to local fixes this for 90% of images by uploading the images to the discourse CDN and serving them up over HTTPS. However, if the image is larger than the setting for max image size kb, it gets embedded in the page directly by hotlinking, resulting in mixed content warnings, and our site loses the âpadlockâ image that users associate with HTTPS.
I would like a setting that disables hotlinking of images that are larger than max image size kb. This would fix our mixed content use case, but it would also be useful for people browsing discourse who donât have a lot of bandwidth. They could open up the images in a new tab, but the images would not load by default.
The oneboxer does a HEAD and/or GET, so it should have the MIME type at hand. I donât know what it uses to decide if something gets turned into an image automatically. I just put a copy of my user icon into a file called âtoy.carâ and made the server return image/jpeg MIME-type for it, but it wonât display in the preview pane as an image.
Exactly that is what I saw⊠Iâd love when user puts URL of image on line by itself, it gets automatically turned into img tag and image hotlinkedâŠ
For (1) add a special placeholder for âbroken imageâ
For (2) add a different general placeholder for large image
For (3) and unknown, I am fine with âundefinedâ behavior. In fact I would crash the image post processor for local errors and make sure there is an error in logs.
HTTPS images should also be replaced with placeholder if too big.
Keep in mind, for now, this is optional default off behavior. Only add âtoo bigâ placeholders IF replace large images with placeholders is on.
No idea about the placeholder images, just make sure whatever you pick is easily licensable. There may be a font awesome icon you can use, I would try that first.