The Cellar
Page 2 of 14 1 2 345678912 Last »
Show 60 post(s) from this thread on one page

The Cellar (http://cellar.org/index.php)
-   Cellar Meta (http://cellar.org/forumdisplay.php?f=3)
-   -   Converting to https (http://cellar.org/showthread.php?t=32417)

Undertoad 12-27-2016 10:09 PM
No well it's not enforced yet, but will be soon cos it's not truly secure until then. Still working out the first set of issues.

xoxoxoBruce 12-27-2016 11:07 PM
Everything seems to be working for me, and considerably faster too. :thumb:

glatt 12-28-2016 07:41 AM
1 Attachment(s)
:)

:eek:

this is kelp
Attachment 58947

glatt 12-28-2016 07:42 AM
Works for me in firefox

limey 12-28-2016 08:26 AM
1 Attachment(s)
:dunce: Works OK for me in Forefox, too ...

Undertoad 12-28-2016 02:43 PM
There are still a few lingering items going on... working on it.

Ugh, I did not expect this to be such a problem...

Undertoad 12-28-2016 02:49 PM
Yeah. The actual issue is that the site was built depending on Yahoo! code, loaded from Yahoo!, that is delivered INSECURELY and so all Javascript is broken in the https version of our site.

Working on it...

glatt 12-28-2016 03:01 PM
Thanks for your work!

Undertoad 12-28-2016 03:10 PM
My pleasure sir!

And just like that, a little research says you can obtain the same Javascirpt libraries from Google instead of Yahoo!. We are now getting those from Google over SSL, which means they are secure too.

(But a little... slower? Hmmm is it just me?)

This appears to have been one of the final steps in getting the "lock" symbol to show up when you browse the site with https. Which is a goal of all this.

In another day or two, if everything works, I'll figure out how to redirect all http requests to https.

Undertoad 12-28-2016 03:18 PM
The lock symbol is broken right now on any page where requests are made for attachments, or images with http instead of https. So if an https page includes a call for http... it's not secure. Makes sense.

I just add this running commentary in case this is interesting for folks

glatt 12-28-2016 03:21 PM
So I posted two smilies this morning from my laptop using Firefox and they worked. But now on tapatalk, I only see one of them worked.

Gravdigr 12-28-2016 03:25 PM
Quote:
Originally Posted by Undertoad (Post 977693)
I just add this running commentary in case this is interesting for folks
It is very interesting. And thank you, Toad, for the effort that goes into Teh Cellar.:notworthy

Flint 12-28-2016 03:57 PM
Yes, it is interesting.
Thank you for the work and the commentary.

ETA: I'm getting the green hair thing, too.

Undertoad 12-28-2016 04:02 PM
It's pretty easy to see what's causing security problems on a page, using Chrome.

You hit F12 and the Developers Console comes up. If you use Chrome and accidentally have hit F12, you have seen this thing. If you've ever developed in CSS or Javascript, you already know.

The Security tab tells you exactly why the page is considered non-secure.

~

Changing ALL hotlinked images is going to be a drag, or at least, a dangerous thing. I'm not sure it can even be done. There's no global search and replace in the forum software. Each one of those images is linked with an insecure permanent BBCODE bit of text. The change has to happen at database level and it has the potential to break things.

xoxoxoBruce 12-28-2016 04:08 PM
Quote:
Originally Posted by glatt (Post 977695)
So I posted two smilies this morning from my laptop using Firefox and they worked. But now on tapatalk, I only see one of them worked.
They are both there, you just can't see them on tapatalk.


All times are GMT -5. The time now is 05:51 PM.
Page 2 of 14 1 2 345678912 Last »
Show 60 post(s) from this thread on one page

Powered by: vBulletin Version 3.8.1
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.