Don't load http onebox images when using https


(Sckott) #1

We are using https now on our Discourse installation. Some images are being loaded and shown that are not served over https. For example, in this post Water Resource API List and Development - Packages - rOpenSci Discuss the image http://i2.cdn.turner.com/cnnnext/dam/assets/150403144637-02-california-drought-0403-large-169.jpg is served over http.

Is there a way to prevent images not served over https from loading?


Oneboxed http link causes a TLS mixed content warning
MediaFire onebox uses insecure image
Download images for oneboxes as well, if download images is set
(Gerhard Schlager) #2

In your case the short answer is no. That’s a problem with oneboxing and AFAIK there is no solution right now. You can vote for the following feature request:


(Sckott) #3

Okay, thanks for the response. Will do


(Jeff Atwood) #4

Workaround is to not onebox the URL, just put a space or any other text in front of it:

Like so http://www.cnn.com/2015/04/03/us/california-drought/

Or any text after it

http://www.cnn.com/2015/04/03/us/california-drought/ Like so


Links to Amazon cause a TLS mixed content warning
(Sckott) #5

Thanks! That’s a simple solution


(Sebastian) #7

Looks like it was implemented, that is good news. I am looking forward to the net release. Very important feature…