An idea: reducing insecure content
We're considering hiding non-HTTPS images on blogs by default, with some sort of “show” button nearby, for users to click if they're okay with loading insecure content. This would impact a few things:
- Readers would always see the lock icon in their browser on all non-custom-domain blogs
- Anyone who's embedded insecure images would need to host their images securely to prevent them from being replaced with some sort of “insecure image hidden” message (or one less scary-sounding)
Because it could adversely affect some writers, we want to make sure most everyone is on board with / prepared for this change. It is ultimately better for everyone, both writers and readers, and falls in line with our goals to support a more widely-secure internet. While we are launching an image hosting product soon (Snap.as), it's not the primary reason for this idea, and it will be just one of many options for users to securely host images for their blogs.
Let us know what you think of this change, especially if you think it'll negatively affect you.