Snoozero
Active member
I've been resisting posting this bug for a while, because it's almost off the charts on the scale of "not being very important." However, I figured I'd try to get it thrown in before 1.1 to help myself (and hopefully others) with some template headaches.
Long story short, the facebook login icon currently used is http://static.ak.fbcdn.net/images/connect_sprite.png
It should be //www.facebook.com/images/connect_sprite.png
When running your site over HTTPS, even if you override this in EXTRA.css, some browsers will still throw a mixed content warning because they try to load the http image prior to the one overriding it. This is the only remaining mixed-content issue with XenForo, aside from [img] tags (which are a huge unrelated problem on their own, and should not IMO be handled in the XenForo core).
Long live https
Long story short, the facebook login icon currently used is http://static.ak.fbcdn.net/images/connect_sprite.png
It should be //www.facebook.com/images/connect_sprite.png
When running your site over HTTPS, even if you override this in EXTRA.css, some browsers will still throw a mixed content warning because they try to load the http image prior to the one overriding it. This is the only remaining mixed-content issue with XenForo, aside from [img] tags (which are a huge unrelated problem on their own, and should not IMO be handled in the XenForo core).
Long live https
. SSL support has come a long way since the origination of https, and our server's load average hovers around 0.10 all day long. While there are certainly other reasons for not switching to full HTTPS, load is quickly becoming a non-issue. Session re-use also helps by eliminating a lot of the extra handshaking latency.
