Does src.sencha.io support SSL (https)? If not (which I think is the case at the moment), is it a planned feature and under which conditions?
Sorry if this has been asked before, I was unable to find any information on this topic. Or to be more precise I found an advice to use https://tinysrc.appspot.com, but this now redirect to sencha (without SSL).
Thanks for the quick reply. My use case is, I believe, pretty common: my website is partially served over SSL. The main reason to do so is the increased user privacy, which is especially important for mobile-aimed website. More on this topic: Coding Horror: Should All Web Traffic Be Encrypted?
The issue with src is that, since https is not supported, including it within a https-enabled website will result in a mixed connections warning (your connection to this site is only partially encrypted pop-up, etc depending on browser).
From a technical point of view this is not an issue: who cares if images are viewed by a third party, if it was holding sensitive information it shouldn't pass through src in the first place.
However from a end-user point of view this is a huge problem: such warnings look shady and unprofessional. Worse: most browsers supply no information on what causes it, leaving the average user unable to judge whether it is a security risk or not.
Answered: Availability of SSL (https)
.
Reply With Quote
