Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#19045 - {archweb} https://www.archlinux.org/devel/ loads external javascript
Attached to Project:
Arch Linux
Opened by Pierre Schmitz (Pierre) - Sunday, 11 April 2010, 16:44 GMT
Last edited by Dan McGee (toofishes) - Thursday, 23 September 2010, 04:21 GMT
Opened by Pierre Schmitz (Pierre) - Sunday, 11 April 2010, 16:44 GMT
Last edited by Dan McGee (toofishes) - Thursday, 23 September 2010, 04:21 GMT
|
DetailsThe dev website (at least https://www.archlinux.org/devel/) loads a javascript lirbrary from http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js. This is a security issue and could affect our site when their's are down.
I would suggest to download that file and use a local copy. |
This task depends upon
Closed by Dan McGee (toofishes)
Thursday, 23 September 2010, 04:21 GMT
Reason for closing: Fixed
Additional comments about closing: 47c95a2821d1fb926446d2379d4b2273af5482dc
Thursday, 23 September 2010, 04:21 GMT
Reason for closing: Fixed
Additional comments about closing: 47c95a2821d1fb926446d2379d4b2273af5482dc
http://projects.archlinux.org/archweb.git/commit/?id=680ddeb0894df7d0e6939d9fc6d542ee1c585817
1. There site will not be down unless the world has caught fire, so I'm not too worried there.
2. We formerly did use a local copy, but it really isn't of any benefit unless you've looked through all of that as well and can assure me it is legit. I more than trust them to serve up the correct file. I could be convinced to use an https:// URL for it, however, when you are browsing our site on HTTPS.