Pages: 1
Posted on 01-02-17, 01:13 am (rev. 1 by  Dirbaio on 01-03-17, 02:04 am)
Newcomer
Only Partly Acheiving

Karma: -53
Posts: 3/9
Since: 01-01-17
happens on every device i own and every prive newtwork i connect to this happens on IE and Chrome the photo is big its full 720p (i edited the picture so i can emphasise the not secure bit and so you cant see my chrome tabs)
_________________________
https://www.youtube.com/channel/UC39YOnnS1Lxq8jsiXB9VAuw
Posted on 01-02-17, 01:15 am
☭ coffee and cream


Karma: 9886
Posts: 2226/2653
Since: 06-26-11
good job embedding a huge screenshot that stretches everything


aside from that, that's Dirbaio's job. I'll punch him a few times tomorrow.
_________________________
Kuribo64 - RH-fucking-cafe - Kafuka

zrghij
Posted on 01-02-17, 01:16 am
Newcomer
Only Partly Acheiving

Karma: -53
Posts: 4/9
Since: 01-01-17
Posted by StapleButter
good job embedding a huge screenshot that stretches everything


aside from that, that's Dirbaio's job. I'll punch him a few times tomorrow.

sorry about that and thanks
_________________________
https://www.youtube.com/channel/UC39YOnnS1Lxq8jsiXB9VAuw
Posted on 01-02-17, 01:44 am
Roy Koopa
The guy who does things.

Karma: 12046
Posts: 2364/2784
Since: 07-01-11
changes https to http. Problem solved.
New Super Mario Bros.: Clone Tag Team 1+2 / New Super Mario Advance + Take 2 / Super Mario: Endless Earth
My two greatest assets have been mental stability and being, like, really smart.
Posted on 01-02-17, 07:38 am
(ーωー。)

Karma: 661
Posts: 166/240
Since: 08-12-13
I'm on HTTPS here, and I have no problems here.
However, problems might occur if a certain page uses at least 1 image, video embed, Javascript, Stylesheet, etc. that still uses HTTP.
URLs are fine, though.

In the case of this very page, these things all cause problems to the HTTPS protocol, making browsers mark it as "not secure":

_________________________
Posted on 01-02-17, 08:49 pm (rev. 1 by Thierry on 01-02-17, 08:50 pm)
Once upon a time there was a tiger.

Karma: 4753
Posts: 2033/2592
Since: 01-17-13
It may not have been a problem to begin with, but IMO the "fixed" tag doesn't fit.
Posted on 01-02-17, 08:58 pm
☭ coffee and cream


Karma: 9886
Posts: 2228/2653
Since: 06-26-11
https is fine here, any issue would be either
a) you use a browser that got more paranoid, or
b) your system date is wrong
_________________________
Kuribo64 - RH-fucking-cafe - Kafuka

zrghij
Posted on 01-02-17, 09:26 pm
(ーωー。)

Karma: 661
Posts: 167/240
Since: 08-12-13
My system time is GMT+9, which is my time zone, anyway.
_________________________
Posted on 01-03-17, 02:13 am
Super Mario
( ͡° ͜ʖ ͡°)

Karma: 8939
Posts: 4370/4433
Since: 06-08-11
Posted by MasterAUX
happens on every device i own and every prive newtwork i connect to this happens on IE and Chrome the photo is big its full 720p (i edited the picture so i can emphasise the not secure bit and so you cant see my chrome tabs)


You have blanked out the whole screenshot? lolwat.

Could you click "Details" there and screenshot the thing that appears? Thank you.

Posted by Yami
I'm on HTTPS here, and I have no problems here.
However, problems might occur if a certain page uses at least 1 image, video embed, Javascript, Stylesheet, etc. that still uses HTTP.
URLs are fine, though.


Most of these are only warnings, the content fails anyway. The only error in your screenshot is the stuff hosted in new.nsmbhd.net, people should update these links to point to nsmbhd.net. People should stop linking to insecure http images/CSS... I'll get a cert for new.nsmbhd.net and redirect it so these errors go away at least.
Posted on 01-07-17, 11:06 pm
Super Mario
( ͡° ͜ʖ ͡°)

Karma: 8939
Posts: 4371/4433
Since: 06-08-11
The new.nsmbhd.net thing is now fixed, I got a valid cert for it and redirected it to nsmbhd.net.

The only remaining problem is the mixed content warnings due to people linking images to HTTP hosts. Working on a fix.
Posted on 01-08-17, 12:34 am
(ーωー。)

Karma: 661
Posts: 172/240
Since: 08-12-13
If you happen to find a fix, please share it with me.
I've been unable to find one myself, because not everything that works on HTTP, will work on HTTPS.
_________________________
Posted on 01-08-17, 12:40 am
Super Mario
( ͡° ͜ʖ ͡°)

Karma: 8939
Posts: 4374/4433
Since: 06-08-11
There is no "good" fix. I'm just going to make the board rewrite urls from http to https for the most common image hosts that support https.

I'll probably later add "img-src https:" to the Content-Security-Policy header so HTTP images will not work at all, this will make people stop using image hosts that only support HTTP or are not on my HTTP->HTTPS list.
Posted on 01-10-17, 02:22 am
☭ coffee and cream


Karma: 9886
Posts: 2234/2653
Since: 06-26-11
>no http images

could be a problem for dynamic images on http. and more generally, having to reupload images that are on http servers is going to be a pain.

I'm opposed to this.


https is nice, but I'll consider it when it is really democratized. right now it's mostly choosing a CA between "trustworthy but expensive as fuck" and "cheap/free but we don't give a shit".

in this sense, https is still kind of a pain. in the current state of things, I am opposed to the deprecation of http.
_________________________
Kuribo64 - RH-fucking-cafe - Kafuka

zrghij
Posted on 01-10-17, 12:15 pm
(ーωー。)

Karma: 661
Posts: 174/240
Since: 08-12-13
Well, when you set up your web server correctly, you can use both protocols for a single file.
For example, DSHack.org's files run on both, Port 80, and Port 443, but everything gets automatically redirected to 443 (aka, HTTPS).
Then we have Imgur, which uses Port 80 by default, but everything also works on Port 443 by just adding an "S" behind "HTTP".

However, more often than wanted, I see how websites use either of the 2, meaning you will sometimes upload an image twice, before you can cross-use it...
_________________________
Pages: 1