Single thread in GPU forum not encrypted

benjii · 23 Feb 2020 at 12:54

This thread in the GPU forum does not have a working encryption certificate. Every other post in the GPU forum and else where seems to be fine, it's just that one post.

What's up with that? Is it a host problem or something on my end?

edit - I take it back, it has a working certificate, Chrome is just not saying it's secure.

leezer3 · 23 Feb 2020 at 12:57

Probably a sig in the thread.

benjii · 23 Feb 2020 at 12:58

leezer3 said:
Probably a sig in the thread.

How does that work? Is the sig sending data to a third party?

GravyMonster · 23 Feb 2020 at 13:10

It's because although the forum itself is running over HTTPS using a valid cert, some signatures are referencing unsecured content over HTTP. You can see the errors in the console if you open dev tools. This is why you get the warning in some threads but not others.

benjii · 23 Feb 2020 at 13:13

Now that you mention it, me too. Could it be because I linked the other thread?

HungryHippos · 23 Feb 2020 at 22:47

benjii said:
Now that you mention it, me too. Could it be because I linked the other thread?

No, as it's already been mentioned some of the content on the page is not served by OCUK forums, pics/signatures from external sources are not protected by the encryption.

Rroff · 23 Feb 2020 at 23:58

It should tell you on the advisory as well that parts of the page are unsecure and depending on your setup might even say whether it is images, etc. and/or what the external links are.

b00merang69 · 24 Feb 2020 at 00:01

It is OK OP we do not care about your Fap Material on your PC, just encrypt your drives to be safe.

Pho · 24 Feb 2020 at 00:12

It's @LoadsaMoney who is using http in their signature url not https.

@'d them so they can fix it, just add an s after http given imgur is fine with it

mrk · 24 Feb 2020 at 01:04

Now that I know this winds some people up, I will post a http link in random threads

dowie · 24 Feb 2020 at 10:14

mrk said:
Now that I know this winds some people up, I will post a http link in random threads

GravyMonster · 24 Feb 2020 at 11:12

Pho said:
It's @LoadsaMoney who is using http in their signature url not https.

@'d them so they can fix it, just add an s after http given imgur is fine with it

Yours is too

Rroff said:
It should tell you on the advisory as well that parts of the page are unsecure and depending on your setup might even say whether it is images, etc. and/or what the external links are.

It really should, but Chrome doesn't. It just gives a vague 'not everything is secure' message: https://i.imgur.com/RWtThLg.png. The only way to see all non-secure URLs is in dev tools.

HungryHippos · 24 Feb 2020 at 11:48

mrk said:
Now that I know this winds some people up, I will post a http link in random threads

Just make a sig pic and use http:// instead of https://, automatically makes the page insecure

Pho · 24 Feb 2020 at 14:50

Spunkey said:
Yours is too

The irony

. Fixed

Perhaps OcUK should just ban all signatures that contain http images and then it can avoid all the browser warnings for everyone. Nearly every website/image host offer https now anyway. Would be trivial to implement as a validation check when someone's saving their signature.

LoadsaMoney · 24 Feb 2020 at 15:21

Pho said:
It's @LoadsaMoney who is using http in their signature url not https.

@'d them so they can fix it, just add an s after http given imgur is fine with it

Done