How is everyone handling the switch to HTTPS-everywhere-all-the-time next
month?
In October Chrome v62 will start marking all pages served over HTTP with
text input elements as insecure (
https://blog.chromium.org/2017/04/next-steps-toward-more-connection.html).
Almost every page we serve or link to has a search box on it, so most
libraries will effectively have to go HTTPS-only.
Switching sites on our own domain to HTTPS-only will be easy, but requiring
HTTPS from the databases, journals, repositories, etc that we link to is
tougher.
How is everyone else dealing with this? Do you have a sense of the scope of
the problem? Are you already HTTPS-only?
Thanks,
Ben
|