bug report

[quantumf]

There are 2 separate topics that caused a lot of unstability on 1.7:

1) Switching to https: it brought several unexpected side-effects and issues and we've been knocking them done one by one.

What benefit do you expect SSL to bring Kaya either than larger headaches? :S

Not sure if Kaya are planning to use websockets, but if they are, the impression I get is that they don't work very well unless you are using SSL. Something to do with proxies causing undesirable caching, which the encryption seems to sort out: http://www.infoq.com/articles/Web-Sockets-Proxy-Servers

[Kaya.gs]

There are 2 separate topics that caused a lot of unstability on 1.7:

1) Switching to https: it brought several unexpected side-effects and issues and we've been knocking them done one by one.

What benefit do you expect SSL to bring Kaya either than larger headaches? :S

SSL is rather important for login/sensitive data pages like Log in. Using a public network someone could eavesdrop and steal your password.
Its not a problem if they log in to kaya as you, but it is if they log in to your paypal account for example.

It was easier for me to set up the whole site on ssl than just a few pages so i went ahead and did the whole thing. But i am considering moving ssl only to the sensitive pages. The problem is that cookies also stop being secure if you move from https to http.

After 1.7.1 i really suspect most issues had to do more about the second than the first, as i already fixed the really major problem #1 caused.

[quantumf]

But i am considering moving ssl only to the sensitive pages.

Why would you want to do this? This usually causes browser warnings and/or broken padlock icons.

Reasons I'm aware of include clients often/never caching ssl-served data, and imposing a compression load on the server. Is it one of these, or something else?

Not sure the relevance of the Paypal concern? Is Kaya passing through Paypal userid/passwords to the Paypal site?