Why are most icons HTTPS??

Status
Not open for further replies.
Dude111

Dude111

An Awesome Dude
Joined
Aug 8, 2009
Messages
446

Attachments

  • Capture.png
    Capture.png
    38.3 KB · Views: 364
mikewazowski

mikewazowski

Forums Manager/Global DB Admin
Staff member
Forums Manager
Joined
Jun 26, 2001
Messages
13,527
Location
Oot and Aboot
Icons are showing up fine for me.

Hopefully Lindsay will chime in but I don't think there's been any recent changes to the forums.
 
webstar22

webstar22

RenfrewCountyScanner.com
Feed Provider
Joined
Dec 21, 2003
Messages
1,006
Location
Ontario, Canada
Dude111 said:
Im not seeing any images here now,THERE IS ABSOLUTELY NO REASON TO HAVE HTTPS ON THE IMAGES HERE.......

https://d39pklu5rpk118.cloudfront.net/forums/images/misc/navbits_start.gif

I dont see that but I see this fine

http://d39pklu5rpk118.cloudfront.net/forums/images/misc/navbits_start.gif


Totally insane how ppl are letting the mainstream BS make them do this stuff that isnt needed!

This is what I see now...... (A box with an X instead of the image)
Click to expand...

You are running windows XP on 800x600 https is the least of your worries.
 
N9PBD

N9PBD

Member
Premium Subscriber
Joined
Aug 24, 2003
Messages
535
Location
Southern Illinois (Metro St. Louis)
RadioReference serves mixed content pages (both HTTP and HTTPS), but according to Mozilla (https://developer.mozilla.org/en-US/docs/Security/MixedContent): "Mixed Passive/Display Content is content served over HTTP that is included in an HTTPS webpage, but that cannot alter other portions of the webpage. For example, an attacker could replace an image served over HTTP with an inappropriate image or message to the user. The attacker could also infer information about the user's activities by watching which images are served to the user; often images are only served on a specific page within a website. If the attacker observes HTTP requests to certain images, they could determine which webpage the user is visiting." In this case, RR is doing the opposite, serving the webpage over HTTP, and portions of the content (icons in this case) via HTTPS.

That still doesn't explain why RR choses to serve the majority of its content via insecure methods. Google is an example of a mainstream website that is moving users to HTTPS, even if they specify HTTP in their requesting URL.

TLS 1.2 or better (SSL is broken), is the best choice to protect your browsing.
 
Dude111

Dude111

An Awesome Dude
Joined
Aug 8, 2009
Messages
446
MikeOxlong said:
Icons are showing up fine for me.

Hopefully Lindsay will chime in but I don't think there's been any recent changes to the forums.
Click to expand...

Well he might have done it months back Mike,I havent been here in about 6 months or so..

Yes i can load SOME https stuff Thunderknight but the point is THERE IS NO REASON FOR IT!!!!!!


There is nothing PRIVATE on this site needing HTTPS!!! -- HTTPS is for banking,etc......
 
Status
Not open for further replies.

Similar threads

Sheepdog777
  • Poll
Bearcat 885 SD Card Advanced Editing
Replies
15
Views
3K
Ubbe
U
kruser
  • Locked
SDS100/SDS200: Desense or Overload Issues
Replies
10
Views
2K
kruser
kruser
A
  • Locked
Chevy Cobalt FT-7800 / Remote Head (Step by Step)
2
Replies
24
Views
13K
K4APR
K4APR
Top