Author Topic: DC website is "Not Secure" when viewing threads? (Read 7641 times)

Deozaan · « **on:** July 03, 2020, 01:21 PM »

I've noticed lately that Brave (Chrome) is telling me the site is "Not Secure" when I'm viewing any posts/threads on the site.

DonationCoder - Not Secure.png

It seems that maybe some content is being loaded without HTTPS on thread pages?

EDIT: I'm mentioning this more in response to mouser's recent-ish attempts to force HTTPS site-wide than an actual concern about the "security" of my connection/data on the site.

Ath · « **Reply #1 on:** July 03, 2020, 01:37 PM »

Some of the smiley buttons of the Quick Reply editor have http url's, while most of the other resources are on https url's. The current browser generations have deemed all http links to be "Not Secure", FWIW.

Deozaan · « **Reply #2 on:** July 03, 2020, 01:53 PM »

I'm not really concerned about the site being actually insecure and leaking important details. I just figured I should bring this up so mouser can fix it. Thanks for pinpointing the problem. Should make it really easy for mouser to fix.

* Deozaan cracks the whip at mouser.

Shades · « **Reply #3 on:** July 03, 2020, 01:57 PM »

Some of the smiley buttons of the Quick Reply editor have http url's, while most of the other resources are on https url's. The current browser generations have deemed all http links to be "Not Secure", FWIW.
-Ath (July 03, 2020, 01:37 PM)

Not only that, some are becoming even more strict regarding HTTPS traffic (images/scripts) that did not originate from the same domain.

mouser · « **Reply #4 on:** July 03, 2020, 07:03 PM »

The smileys and emojis should all be https.. However the images in people's signatures or links to external websites may be http..

Deozaan · « **Reply #5 on:** July 04, 2020, 12:00 AM »

When I right-click an emoji and click "Inspect" to view the page source, they are using HTTP and not HTTPS.

panzer · « **Reply #6 on:** July 04, 2020, 12:09 AM »

* Deozaan cracks the whip at mouser.
-Deozaan (July 03, 2020, 01:53 PM)

No, no. Only his wife is allowed to do that.

Ath · « **Reply #7 on:** July 04, 2020, 02:32 AM »

The smileys and emojis should all be https.. However the images in people's signatures or links to external websites may be http..
-mouser (July 03, 2020, 07:03 PM)

Well, the smileys are https when displayed in a post, but not in the Quick Reply editor. Or the Preview/Full blown message/reply editor. The layout button-icons are https, but not the 'toolbar' of smileys, just above the editor surface.

mouser · « **Reply #8 on:** July 04, 2020, 09:30 AM »

ah interesting, i shall fix!

Deozaan · « **Reply #9 on:** July 14, 2020, 09:09 PM »

I just remembered this was a problem and can verify it is fixed. Not sure how long ago you fixed it, but thanks for doing so!

mouser · « **Reply #10 on:** July 15, 2020, 09:50 PM »

Author Topic: DC website is "Not Secure" when viewing threads? (Read 7641 times)

Deozaan

DC website is "Not Secure" when viewing threads?

Ath

Re: DC website is "Not Secure" when viewing threads?

Deozaan

Re: DC website is "Not Secure" when viewing threads?

Shades

Re: DC website is "Not Secure" when viewing threads?

mouser

Re: DC website is "Not Secure" when viewing threads?

Deozaan

Re: DC website is "Not Secure" when viewing threads?

panzer

Re: DC website is "Not Secure" when viewing threads?

Ath

Re: DC website is "Not Secure" when viewing threads?

mouser

Re: DC website is "Not Secure" when viewing threads?

Deozaan

Re: DC website is "Not Secure" when viewing threads?

mouser

Re: DC website is "Not Secure" when viewing threads?