Skip to content
This repository has been archived by the owner on Jul 24, 2021. It is now read-only.

Request to https-embeded-Map (Mapquest) not fully https #5296

Closed
openstreetmap-trac opened this issue Jul 23, 2021 · 3 comments
Closed

Request to https-embeded-Map (Mapquest) not fully https #5296

openstreetmap-trac opened this issue Jul 23, 2021 · 3 comments

Comments

@openstreetmap-trac
Copy link

Reporter: netty4711
[Submitted to the original trac issue database at 1.53am, Tuesday, 17th March 2015]

Wenn I use a ssl-secured URL for embedding a Map (Layer Mapquest):
https://www.openstreetmap.org/export/embed.html?bbox=-29.0478515625%2C34.415973384481866%2C33.7939453125%2C61.12201916813026&layer=mapquest

than there is a small icon in the lower right corner. This image
http://developer.mapquest.com/content/osm/mq_logo.png

is not requested through https, so Browser shows an incomplete SSL-connection. Since Google is soon forcing all websites to use https, could you please request this little Icon also with https, when openstreetmap is loaded over https?

@openstreetmap-trac
Copy link
Author

Author: TomH
[Added to the original trac issue at 1.48pm, Wednesday, 18th March 2015]

Whilst I'm happy to look at this when I get a change, I would really love a citation for the claim that google is soon going to be forcing websites to use https... Aside from the fact that they don't actually control "all websites" and are therefore unable, in a literal sense, to do what you say, such an extraordinary claim definitely requires extraordinary evidence.

@openstreetmap-trac
Copy link
Author

Author: netty4711
[Added to the original trac issue at 2.47pm, Wednesday, 18th March 2015]

"forcing" is a hard word from me. Sorry for that. But there are some hints, that many websites would change in near future to https-version. Google is now going to promote https as it gaves https websites a higher ranking: http://googlewebmastercentral.blogspot.de/2014/08/https-as-ranking-signal.html

Next step seems to warn user on a non-https site in Google Chrome and if this happens other browsers would also do this:
http://www.bbc.com/news/technology-30505970
http://www.chromium.org/Home/chromium-security/marking-http-as-non-secure

Same changes happens at the moment with mobile/non-mobile sites:
http://www.business2community.com/online-marketing/google-start-penalizing-non-mobile-sites-01175992

But to come back to the issue. If a site has user login functionality it is very often also a ssl-secured site. Most sites uses than everywhere https. Than there are problems with embeding Maps with the standard feature.

Thanks for looking at that.

@openstreetmap-trac
Copy link
Author

Author: osm[at]gravitystorm.co.uk
[Added to the original trac issue at 12.33pm, Wednesday, 28th August 2019]

This is sort of fixed be default, since we no longer have the Mapquest layer, and none of the current layers have an image in the attribution.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

1 participant