Steven P. Administrators Posted September 25, 2016 Administrators Share Posted September 25, 2016 On the news side of things, if you try to access the site at https://www.neowin.net you will be redirected to https://www.neowin.net The forums aren't forced to HTTPS yet (although anyone can access the forums this way), but it's on the list of things to do. This does not affect logging in via the forums , which is over HTTPS. Due to the age of the site and various news articles and forum posts containing embedded non-secure content (over HTTP), people may notice mixed content warning messages, but this is also being looked into. +Gary7, Dot Matrix, Bamsebjørn and 5 others 8 Share Link to comment Share on other sites More sharing options...
Boo Berry Posted September 25, 2016 Share Posted September 25, 2016 It's about time! Link to comment Share on other sites More sharing options...
Steven P. Administrators Posted September 25, 2016 Author Administrators Share Posted September 25, 2016 Well we have had logging in over https since the board software supported it, but yes I agree Link to comment Share on other sites More sharing options...
count0nz Posted September 25, 2016 Share Posted September 25, 2016 Nice... I've seen so many Changes at Neowin over the Years.... Must say things are looking Great! Keep up the good work... Everyone... even the People who post Stuff... Its this Community that makes Neowin Great Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted September 25, 2016 Developer Share Posted September 25, 2016 1 hour ago, Boo Berry said: It's about time! You could load it via https previously, but now if you hit the news side of things on http, it will automatically redirect you to https. We'll be doing the same for the forums once we figure out what to do about all the embedded images in posts that use http rather than https to avoid users getting mixed-content warnings on every page Link to comment Share on other sites More sharing options...
Hum Posted September 25, 2016 Share Posted September 25, 2016 1 hour ago, Steven P. said: Due to the age of the site and various news articles and forum posts containing embedded non-secure content (over HTTP), people may notice mixed content warning messages, but this is also being looked into. Neowin is getting better with age. Link to comment Share on other sites More sharing options...
Boo Berry Posted September 25, 2016 Share Posted September 25, 2016 14 minutes ago, DaveLegg said: We'll be doing the same for the forums once we figure out what to do about all the embedded images in posts that use http rather than https to avoid users getting mixed-content warnings on every page This might help? https://invisionpower.com/files/file/7510-ssl-image-proxy/ Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted September 25, 2016 Developer Share Posted September 25, 2016 2 hours ago, Boo Berry said: This might help? https://invisionpower.com/files/file/7510-ssl-image-proxy/ Thanks, we'll give that a look Link to comment Share on other sites More sharing options...
+Gary7 Subscriber² Posted September 25, 2016 Subscriber² Share Posted September 25, 2016 3 hours ago, Hum said: Neowin is getting better with age. Like a good wine. Link to comment Share on other sites More sharing options...
Mando Posted September 25, 2016 Share Posted September 25, 2016 nice! Good effort Devs, Link to comment Share on other sites More sharing options...
FunkyMike Posted September 25, 2016 Share Posted September 25, 2016 Keep up the good work and well done! Interesting bug .. I can't seem to use the like button in the Real World forum. Seems to be some kind of script issue from "unauthenticated sources" .. probably related to https? Link to comment Share on other sites More sharing options...
adrynalyne Posted September 25, 2016 Share Posted September 25, 2016 (edited) 2 hours ago, FunkyMike said: Keep up the good work and well done! Interesting bug .. I can't seem to use the like button in the Real World forum. Seems to be some kind of script issue from "unauthenticated sources" .. probably related to https? Definitely. I guess they thought https could be enforced without correcting their hard-coded links Mixed Content: The page at 'https://www.neowin.net/forum/discover/unread/' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'https://www.neowin.net/forum/search/'. This endpoint should be made available over a secure connection. I am sure there are plenty more of these causing all sorts of interesting issues. THis is a good first step but this forum is not properly using https yet, not really. FunkyMike 1 Share Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted September 26, 2016 Developer Share Posted September 26, 2016 9 hours ago, adrynalyne said: Definitely. I guess they thought https could be enforced without correcting their hard-coded links Not really, you'll note the thread is about the fact https is enforced on the front page, not the forums, for exactly this reason. See my previous post for further clarification of this - exactly because the forums haven't been checked for full compatibility yet. trieste and FunkyMike 2 Share Link to comment Share on other sites More sharing options...
Boo Berry Posted September 29, 2016 Share Posted September 29, 2016 (edited) @DaveLegg Looks like the plugin is being used, groovy! On the main forum index, however, it looks like there's one mixed content warning for... https://www.neowin.net/forum/style_images/global/vetstar.gif There's likely others - if I encounter any I'll post them! Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted September 29, 2016 Developer Share Posted September 29, 2016 49 minutes ago, Boo Berry said: @DaveLegg Looks like the plugin is being used, groovy! On the main forum index, however, it looks like there's one mixed content warning for... https://www.neowin.net/forum/style_images/global/vetstar.gif There's likely others - if I encounter any I'll post them! Yeah, installed a couple of days ago, looks like it's doing the job, thanks a lot for the recommendation! I've fixed the vet star issue, let us know if you spot any others. Link to comment Share on other sites More sharing options...
Boo Berry Posted October 1, 2016 Share Posted October 1, 2016 (edited) There's another one, @DaveLegg http://pbs.twimg.com/profile_images/557299393309966338/5SKe8dmd_normal.jpeg Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted October 1, 2016 Developer Share Posted October 1, 2016 15 minutes ago, Boo Berry said: There's another one, @DaveLegg http://pbs.twimg.com/profile_images/557299393309966338/5SKe8dmd_normal.jpeg Where are you seeing that one? Link to comment Share on other sites More sharing options...
Boo Berry Posted October 1, 2016 Share Posted October 1, 2016 Main forum index. Link to comment Share on other sites More sharing options...
+Zlip792 MVC Posted October 1, 2016 MVC Share Posted October 1, 2016 Using Extension - moarTLS Analyzer on Chrome I found following two links on Main Page: Quote http://l.facebook.com/l.php?u=http%3A%2F%2Fon.fb.me%2F1mXNHhm&h=TAQGaqKJL&s=1 https://www.neowin.net/news/honor-8-review-a-399-smartphone-that-aims-to-disrupt-high-priced-tradition adrynalyne 1 Share Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted October 1, 2016 Developer Share Posted October 1, 2016 1 hour ago, Zlip792 said: Using Extension - moarTLS Analyzer on Chrome I found following two links on Main Page: Links don't matter so much, as the browser won't automatically load them into the page like it would with images, so they won't cause a mixed-content warning. Link to comment Share on other sites More sharing options...
Brandon H Supervisor Posted October 3, 2016 Supervisor Share Posted October 3, 2016 On 9/29/2016 at 10:50 AM, DaveLegg said: Yeah, installed a couple of days ago, looks like it's doing the job, thanks a lot for the recommendation! I've fixed the vet star issue, let us know if you spot any others. I'm still getting the mixed content warning for the vet star on the Forum Index Link to comment Share on other sites More sharing options...
DaveLegg Developer Posted October 3, 2016 Developer Share Posted October 3, 2016 Should be fixed now, I forgot to clear the caches on the server Link to comment Share on other sites More sharing options...
Raa Posted October 3, 2016 Share Posted October 3, 2016 On 25/09/2016 at 9:42 PM, Boo Berry said: It's about time! Why? What are they hiding that they require secure traffic for? Link to comment Share on other sites More sharing options...
LimeMaster Posted October 3, 2016 Share Posted October 3, 2016 2 hours ago, Raa said: Why? What are they hiding that they require secure traffic for? It's not that. Google makes sites that use HTTPS appear higher on search results. Link to comment Share on other sites More sharing options...
Brandon H Supervisor Posted October 3, 2016 Supervisor Share Posted October 3, 2016 10 hours ago, DaveLegg said: Should be fixed now, I forgot to clear the caches on the server No I'm still getting it on Forum Index. it seems to be the vetstar in the "who's online" section near the bottom of the page causing it Link to comment Share on other sites More sharing options...
Recommended Posts