Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+1 vote
654 views
in Q2A Core by

gravatar.com offers its images both via http and https (see http://en.gravatar.com/site/implement/images/ and search for "Secure requests"). For a Q2A site that's reachable via https it would be better if the gravatar image URLs were using the https method as well. Otherwise browsers will complain that the site uses both secure and unsecure resources due to the <IMG> resources.

The links to the gravatar.com site itself can remain http links as they're not resources that the browser loads.

One possibility is to make the gravatar base URL configurable. It would be even cooler if Q2A would make that decision itself based on the URL that was used for accessing Q2A.

For me the workaround was to change the base URL in qa-include/qa-app-format.php from "'<IMG SRC="http://www.gravatar.com/avatar/'" to "'<IMG SRC="https://secure.gravatar.com/avatar/'". This is OK with me as I'm only running via https. However, it would be nice if I wouldn't have to maintain such a patch myself :)

Thanks for the great work in this program!

Q2A version: 1.5

1 Answer

0 votes
by
selected by
 
Best answer

No problem - I will try to fix this in Q2A 1.5.1, using qa_is_https_probably(...) to determine whether or not the page was requested via HTTPS.

...