Results 1 to 6 of 6

Thread: Availability of SSL (https)

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. 27 Feb 2012, 3:01 PM #1
    Neck
    Neck is offline
    Sencha User
    Join Date
    Feb 2012
    Posts
    4
    Vote Rating
    0
      0  

    Default Answered: Availability of SSL (https)

    I've posted in an existing thread (http://www.sencha.com/forum/showthre...cha.IO-and-SSL) but later realised it probably wasn't the right section. So here is my question:

    Does src.sencha.io support SSL (https)? If not (which I think is the case at the moment), is it a planned feature and under which conditions?

    Sorry if this has been asked before, I was unable to find any information on this topic. Or to be more precise I found an advice to use https://tinysrc.appspot.com, but this now redirect to sencha (without SSL).
    Reply With Quote Reply With Quote
  2. Best Answer Posted by merrells

    This is a compelling use case. We'll consider it in our product planning.

    The Sencha.io Src service is currently a free service (for reasonable usage).

    John
  3. 27 Feb 2012, 4:57 PM #2
    merrells
    merrells is offline
    Sencha User
    Join Date
    Apr 2010
    Posts
    107
    Answers
    30
    Vote Rating
    -1
      0  

    Default

    Hello,

    There's no plan to implement https for src.

    What's your use case?

    John
    Reply With Quote Reply With Quote
  4. 27 Feb 2012, 10:41 PM #3
    Neck
    Neck is offline
    Sencha User
    Join Date
    Feb 2012
    Posts
    4
    Vote Rating
    0
      0  

    Default

    Hello John,

    Thanks for the quick reply. My use case is, I believe, pretty common: my website is partially served over SSL. The main reason to do so is the increased user privacy, which is especially important for mobile-aimed website. More on this topic: Coding Horror: Should All Web Traffic Be Encrypted?

    The issue with src is that, since https is not supported, including it within a https-enabled website will result in a mixed connections warning (your connection to this site is only partially encrypted pop-up, etc depending on browser).

    From a technical point of view this is not an issue: who cares if images are viewed by a third party, if it was holding sensitive information it shouldn't pass through src in the first place.

    However from a end-user point of view this is a huge problem: such warnings look shady and unprofessional. Worse: most browsers supply no information on what causes it, leaving the average user unable to judge whether it is a security risk or not.
    Reply With Quote Reply With Quote
  5. 28 Feb 2012, 1:02 AM #4
    Möhre
    Möhre is offline
    Sencha User
    Join Date
    Oct 2011
    Location
    Germany
    Posts
    146
    Answers
    4
    Vote Rating
    10
      0  

    Default

    But for sure Sencha will add SSL for Sencha.io Login and Data, so why not add SSL for src if Sencha customers would pay for it?
    Reply With Quote Reply With Quote
  6. 28 Feb 2012, 6:10 AM #5
    merrells
    merrells is offline
    Sencha User
    Join Date
    Apr 2010
    Posts
    107
    Answers
    30
    Vote Rating
    -1
      0  

    Default

    This is a compelling use case. We'll consider it in our product planning.

    The Sencha.io Src service is currently a free service (for reasonable usage).

    John
    Reply With Quote Reply With Quote
  7. 28 Feb 2012, 7:26 AM #6
    Neck
    Neck is offline
    Sencha User
    Join Date
    Feb 2012
    Posts
    4
    Vote Rating
    0
      0  

    Default

    Thanks for the attention, always a pleasure to see developers caring about their products .
    Reply With Quote Reply With Quote
« What´s the size-limit of Sencha.io Data? | loggin failed »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules