Description: When viewing the Tip.It Community Forums in Secure Mode (HTTPS) with the 'Deflection' Theme active, the "Tip.It Community" Blue Header Banner is being Force-Loaded in Non-Secure Mode (HTTP), which causes Browsers to not fully consider the Forums to be Secured.
Reproduction Rate: 100% -- This is ALWAYS REPRODUCIBLE!!!
Steps To Reproduce:
- Head to any page on 'forum.tip.it' with Secure Mode (HTTPS) requested.
("https://forum.tip.it" will do, in order to test this quickly.)
- Go to the Bottom of the Page.
- Click on "Change Theme"
- Select "Deflection" from the available list of choices.
- Address Bar will no longer fully register the 'Tip.It Forums' site as being in Secure Mode (HTTPS), all because of the blue "Tip.It Community" Header Banner being Force-Loaded in Non-Secure Mode (HTTP).
What should NOT happen: Forums acting Non-Secure (HTTP) in the Address Bar when Secure Mode (HTTPS) is being requested by the visitor.
What SHOULD be happening: Forums registering as being in Secure Mode (HTTPS) on the Address Bar when the visitor requests it.
Comments: I did happen to pin down the offending chunk of generated page code on the "Deflection" Forum Theme. Here's what it reads...
<img src='http://forum.tip.it/public/style_images/17_14_tipitcommunitylogo-deflection.png' alt='Logo' />
...so you can quickly fix this small-but-annoying bug. Having this same issue on another site recently caused this one to come to my attention. Well, that, and the fact that apparently Google has started cracking down on Non-Secure site accesses in their Chrome browser. I unfortunately heard about that one third-hand, to which I ran a web search and tracked down proof at https://www.wearegecko.co.uk/blog/security-dangers-of-http/. I might be on FireFox myself currently, and therefore the disruption in my view is smaller, but I would not want these forums to get avoided because of Google's active shaming of Non-HTTPS usage.
~Mr. D. V. "I'm a natural 'Bug Magnet'... At least I'm trying to do something positive with it..." Devnull
(P.S.: You might be wondering... "Why's this nut using such a full-format bug reporting style?" ...to which you can thank another, totally different website for that one. It will probably take a while before this reporting style bleeds back out of my mind, if it ever does.)
(P.P.S.: By the way, why isn't there a "Bug Report" or "Forums" tag for selecting? It really would have been useful here!)