Q1. What is the problem that you are trying to solve?
I noticed that the green lock in my browser turned yellow after setting up some avatars for users. I checked it with FF Developer Tools and it turned out that the avatars are loading over plain HTTP instead of HTTPS.
If I fix the url to **https://**passbolt-avatars.s3.amazonaws.com/images/Avatar… the lock turns green.
Q2 - Who is impacted?
I think everyone (?)
Q3 - Why is it important and/or urgent?
I don’t think it’s a huge security flaw but I think it’s needless to explain why it is important a load everything via https.
Q4 - What is your proposed solution? (optional)
Fix the source code