*Gone through https://wiki.mozilla.org/WebAppSec/Secure_Coding_QA_Checklist and filed the appropriate bugs
*Runs on both HTTP / HTTPS? Mixed-content warnings? Cert set up?
**Should HTTP requests get automatically redirected to HTTPS, by default?
**Check to see that third-party assets use relative paths, where possible
***e.g. Webtrends tags, social media, etc.
=Project/release-cycle=