May be related to #556162: Use SSL for CAPTCHAs, but this is a fairly old issue.
My entire site runs under SSL, I'm using Mollom for captchas on webform nodes but browsers (in particular Internet Explorer) give warnings about insecure content on the page, IE being the worst with a popup warning which is less than ideal for our users. It seems like the problem comes from the image that is used in the Mollom captcha uses an http:// url, attempting to change this to https gives a 403 though.
Using the latest Mollom 7.x-2.x-dev branch.
| Comment | File | Size | Author |
|---|---|---|---|
| #2 | 1707154-insecure-content-text-analysis.patch | 1011 bytes | acbramley |
Comments
Comment #1
acbramley commentedNote: this also happens with text analysis as the disclaimer outputs a link to http://mollom.com/web-service-privacy-policy, this needs to be changed to https://mollom.com/web-service-privacy-policy which is valid.
Comment #2
acbramley commentedFixes warning for insecure content by outputting privacy policy link based on what protocol the page is using
Comment #3
sunNice catch! Let's see whether this patch passes.
Note: On the image CAPTCHA URL, you will automatically get correct SSL URLs with a Plus (or higher) Mollom subscription. SSL is not supported for Mollom Free subscriptions.
Comment #4
sunThanks for reporting, reviewing, and testing! Committed to all branches.
A new development snapshot will be available within the next 12 hours. This improvement will be available in the next official release.
Comment #5
acbramley commentedCool cheers for that :)