As of right now, the Discourse installation isn't running on an https-enabled server (and Chrome gets mad, especially when the HTTPS Everywhere extension tries to redirect the site to the non-existent secure version). It's not collecting tons of personal information, but the site still collects passwords and should probably have https enabled.
8 Likes
Ooh and I can dbl like as an anonymous user.
Given the somewhat sensitive nature of data science in various organizations — including US gov departments — TLS/SSL has to the only accepted way of sign-in and, heh, discourse.
Also: Chrome is going to really light a fire on login dialogues that aren't SSL'd, soon.
The site also uses Discourse CDN and it would be much safer for individuals re:tracking if it was all local.
3 Likes
Working on enabling SSL now
3 Likes
I was as well...They said it was a checkbox to enable?
Seems to be working now!
A checkbox and some more $$$
The logo image is still not secure at the moment: http://www.rstudio.com/wp-content/uploads/2017/09/RStudio_Community.png Should use https.
Aye. Still getting mixed content warnings on my end. It's likely a quick template URL resource tweak.
user profile JSON is SSL'd and limited to logged-in users, so 
on that front and the rest of the hosted discourse and back-end Proinity CDN (which they use behind the scenes) seem as well (no mal-history as well).
Should be fixed now (at least I don't see any problems when I open in chrome)