No well it's not enforced yet, but will be soon cos it's not truly secure until then. Still working out the first set of issues.
|
Everything seems to be working for me, and considerably faster too. :thumb:
|
1 Attachment(s)
|
Works for me in firefox
|
1 Attachment(s)
:dunce: Works OK for me in Forefox, too ...
|
There are still a few lingering items going on... working on it.
Ugh, I did not expect this to be such a problem... |
Yeah. The actual issue is that the site was built depending on Yahoo! code, loaded from Yahoo!, that is delivered INSECURELY and so all Javascript is broken in the https version of our site.
Working on it... |
Thanks for your work!
|
My pleasure sir!
And just like that, a little research says you can obtain the same Javascirpt libraries from Google instead of Yahoo!. We are now getting those from Google over SSL, which means they are secure too. (But a little... slower? Hmmm is it just me?) This appears to have been one of the final steps in getting the "lock" symbol to show up when you browse the site with https. Which is a goal of all this. In another day or two, if everything works, I'll figure out how to redirect all http requests to https. |
The lock symbol is broken right now on any page where requests are made for attachments, or images with http instead of https. So if an https page includes a call for http... it's not secure. Makes sense.
I just add this running commentary in case this is interesting for folks |
So I posted two smilies this morning from my laptop using Firefox and they worked. But now on tapatalk, I only see one of them worked.
|
Quote:
|
Yes, it is interesting.
Thank you for the work and the commentary. ETA: I'm getting the green hair thing, too. |
It's pretty easy to see what's causing security problems on a page, using Chrome.
You hit F12 and the Developers Console comes up. If you use Chrome and accidentally have hit F12, you have seen this thing. If you've ever developed in CSS or Javascript, you already know. The Security tab tells you exactly why the page is considered non-secure. ~ Changing ALL hotlinked images is going to be a drag, or at least, a dangerous thing. I'm not sure it can even be done. There's no global search and replace in the forum software. Each one of those images is linked with an insecure permanent BBCODE bit of text. The change has to happen at database level and it has the potential to break things. |
Quote:
|
All times are GMT -5. The time now is 05:51 PM. |
Powered by: vBulletin Version 3.8.1
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.