SimplePortal

SimplePortal => Site Discussion => Topic started by: lurkalot on July 07, 2017, 07:03:55 PM

Title: Insecure URL
Post by: lurkalot on July 07, 2017, 07:03:55 PM
Just a heads up.  Wondered why Firefox is still blocking content on here, according to the info next to the padlock. "Firefox has blocked parts of this page that are not secure"

It appears to be a Insecure URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Just thought I'd mention it. ;)
Title: Re: Insecure URL
Post by: ♦ Ninja ZX-10RR ♦ on July 07, 2017, 09:21:38 PM
Thanks for the report, admins must have missed that one when switching over to https, it's the ads script in block #57.
Title: Re: Insecure URL
Post by: Chen Zhen on July 07, 2017, 11:48:25 PM

It should be fixed now and thanks for the report.
Title: Re: Insecure URL
Post by: lurkalot on July 08, 2017, 03:50:09 AM
No problem.  All looks secure now, and it's got rid of that annoying popup warning "Only secure content on this page is displayed" at the bottom of internet explorer.

Title: Re: Insecure URL
Post by: emanuele on July 09, 2017, 03:43:16 AM
hmm
Strange it doesn't show anything on this very topic:
http://oi57.tinypic.com/xm682f.jpg
Title: Re: Insecure URL
Post by: lurkalot on July 09, 2017, 07:38:35 AM
Quote from: emanuele on July 09, 2017, 03:43:16 AM
hmm
Strange it doesn't show anything on this very topic:
http://oi57.tinypic.com/xm682f.jpg

I didn't check this particular topic, but yes it shows as insecure in Chrome and Firefox because of that image.
Title: Re: Insecure URL
Post by: Chen Zhen on July 10, 2017, 12:46:07 AM
Since the host of that image is not SSL then simply having the MessageIndex sub-routine change the url is not viable.
Imo the best approach is to edit the SMF files to do 2 things:

1) When posts are perused, change all existing http links to ie. javascript:alert('[LINK] can no longer be accessed from this page');
2) When people are posting do not allow a post to be saved that contains a http link and show a warning in red.

With #1 someone might have another idea to implement such as rel="nofollow" if it will work (I did not test it) but the bottom line is that the SMF devs should apply similar behavior as above.
Title: Re: Insecure URL
Post by: ♦ Ninja ZX-10RR ♦ on July 10, 2017, 07:27:48 AM
The 2nd idea is atrocious, you would be forcing literally everyone to have their sites in https, otherwise they wouldn't be able to post a link to their sites! ;)
Title: Re: Insecure URL
Post by: Chen Zhen on July 10, 2017, 07:28:28 PM

Too bad.. conform or don't post a live link.
Title: Re: Insecure URL
Post by: ♦ Ninja ZX-10RR ♦ on July 11, 2017, 05:47:37 AM
(http://i3.kym-cdn.com/photos/images/newsfeed/000/925/494/218.png_large)
Title: Re: Insecure URL
Post by: emanuele on July 11, 2017, 11:51:59 AM
You just have to act on images, not on URLs. ;)

BTW: Ninja fix the darn image!! xD
Title: Re: Insecure URL
Post by: Chen Zhen on July 12, 2017, 09:18:57 PM
(https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcR9w5D3pW0BU052fxMrvonuNm_cgYs8XuD74HyLv_PuR0Q47ktE)
SimplePortal 2.3.8 © 2008-2024, SimplePortal