MyBB Community Forums

MyBB Community Forums > 1.8 Support > General Support > SSL and mixed content with external avatars
Full Version: SSL and mixed content with external avatars
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

squeebo

2016-11-05, 10:22 PM
I have SSL on my forum working fine, except when users have external avatar images hosted on an http-only url. 

At first I thought maybe there's a way for me to get the forum to download and host the avatars instead, but then I thought how users sometimes embed images into posts, which would incur the same issue, and while my users don't embed images very often, it's a potential problem and I'm not sure I want it to download every image. 

Perhaps this is just an inherent problem with using SSL on a forum, and I should be content that it will work without warnings on login pages etc?

katos

2016-11-05, 10:28 PM
You should consider using https://community.mybb.com/mods.php?action=view&pid=450 which will help with mixed content serves over http

Josh H.

2016-11-06, 01:04 AM
(2016-11-05, 10:28 PM)katos Wrote: [ -> ]You should consider using https://community.mybb.com/mods.php?action=view&pid=450 which will help with mixed content serves over http

And pair that with a camo (https://github.com/atmos/camo) server to proxy content to get a setup that's like what is running here. This also has the secondary benefit of stopping sites from grabbing user IPs from hotlinked images.
MyBB Community Forums > 1.8 Support > General Support > SSL and mixed content with external avatars