[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#22972: insecure content on: https://gnu.org/software/guix/packages/
|
From: |
Ludovic Courtès |
|
Subject: |
bug#22972: insecure content on: https://gnu.org/software/guix/packages/ |
|
Date: |
Fri, 25 Mar 2016 13:35:17 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Jean Louis <address@hidden> skribis:
> The content is insecure as shown by Icecat.
IceCat doesn’t “show” me this. What are you referring to?
> That happens because either scripts are included (did not check it)
> which are with http:// or images (I did check it).
Right, project logos come from different places, and not necessarily
https. I understand that this can be a problem. However, at least for
now, we don’t copy those logos to www.gnu.org, so it seems there’s not
much we can do.
> Small remark to the page with packages: it is in few lines,
> which makes editing, even with Emacs harder. There shall be new lines or
> indenting after > or after each package. Otherwise it makes editing the
> HTML very hard (I know there is source, but looking inside of HTML is
> difficult).
As you write, this is not meant to be edited, so… :-)
> The package descriptions shall not be opened by Javascript but on the
> long run, each package shall get its own page, and of course there shall
> be search engine, just like with Debian. This all becomes totally easy
> with guix being Guile module, and exciting.
Yes, definitely. Dave’s guix-web¹ does that and more. I think we
should consider running it with actions disabled (i.e., no
installing/removing/upgrading), probably behind nginx to cache things a
bit.
Any takers?
Thanks,
Ludo’.
¹ https://git.dthompson.us/guix-web.git