https only for administration?

[mvlcek]

It seems that GetSimple is ill fitted for using SSL for the administration only, e.g. if you access the administation with https:

• some resources (e.g. Javascript) are loaded using http, which exposes cookies, etc.
  
• inserting a (page/upload) link in a page will insert it with https (unless you manually change it)
  

Using self signed certificates or a shared certificate (with wrong server name),

• the flash uploader does not work, even if the certificate was added to the browser. It has to be disabled in gsconfig.php.
  

The first issue can easily be solved by using relative paths or omitting http(s): from the links.
Interestingly in GS 3.3.1 (without any plugins) the jquery-scrolltofixed.js is included multiple times:

Code:

<script src="http://www.glaube-gerechtigkeit.at/admin/template/js/fancybox/jquery.fancybox.pack.js?v=2.0.4"></script>
<script src="http://www.glaube-gerechtigkeit.at/admin/template/js/jquery-scrolltofixed.js?v=0.0.1"></script>        
<script type="text/javascript" src="template/js/jquery-scrolltofixed.js?v=3.3.1"></script>        
<script type="text/javascript" src="template/js/jquery.getsimple.js?v=3.3.1"></script>