Add the option to force Summon to load over https
In October, Google Chrome release 62 will begin labeling any website loaded over http and containing a form (i.e. every library webpage ever) as "Not Secure." You can read more about that here: https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html
We currently have all our links to and search forms use HTTPS to access Summon, but we can't force all our users onto HTTPS. Since the *.summon.serialssolutions.com wildcard certificate covers every instance of Summon, why not add an option to force all Summon connections to use HTTPS? (Or just make it the default.)
While you're at it, why not add your exlibrisgroup wildcard certificate to your User Voice account so that I can enter a password for this Ideas group on a secure page, rather than an insecure one? ;)
Currently all elements of the Summon User Interface and the API are available via HTTPS . Looking into configuring by client vs. forcing everyone across HTTPS.
Virginia Dearborn commented
Yes, please! Forcing HTTPS would be very much appreciated here.
Suzy Bailey commented
Great idea. I just want to highlight an issue for us - ProQuest/ExLibris manages our custom script and hosts it at http://local.4libs.org/ - they don't support https to my knowledge, so ideally alternative hosting arrangements would be considered as part of this improvement.
Patricia Farnan commented
Three votes for this one!
Debby Andreadis commented
This is a great and necessary idea. Thanks for posting it Matthew.