--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: summit.debconf.org: Registration form: parts of the page are not encrypted
- From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>
- Date: Wed, 24 Jun 2015 19:23:43 +0200
- Message-id: <20150624172343.6529.42048.reportbug@homebrew>
Package: summit.debconf.org
Severity: important
Hello,
I intend to register for DebConf15, but, after the authentication on the
Debian SSO (by using my alioth account and accepting cookies from both
sso.debian.org and summit.debconf.org), and after authorizing
summit.debconf.org to fetch some of my data from the alioth account,
I reached the registration form at
https://summit.debconf.org/debconf15/registration/
There's something awkward with this page: my browser
(iceweasel/38.0.1-5 on an up-to-date Debian testing box) warns me that
the page is not fully encrypted. In the Page Info dialog box, it says
that "Parts of the page you are viewing were not encrypted, or the
encryption is not strong enough, before being transmitted over the
Internet".
As you probably know, this could happen, for instance, when some image
is not served through the SSL connection, but is fetched from another
server via an unencrypted HTTP connection. Or for some other reason...
I don't feel too safe to enter personal data on a page that is not
fully encrypted. I suppose other people feel the same and I wonder why
this issue has not yet been solved.
Please note that I have a few extensions installed and enabled:
• Cookie Monster
• Debian buttons
• HTTPS-Everywhere
• NoScript
• Uppity
• User Agent Switcher
However, I am able to reproduce the issue even after disabling all
of them.
Please investigate this issue and fix the page, so that the HTTPS
connection is fully encrypted.
Please let me know as soon as possible, so that I can register for the
conference.
Thanks for your time!
--- End Message ---