Secure Weavers - Page 3 - Myth-Weavers


Secure Weavers

 
What I know about this is that web pages are files edited and then uploaded to the server. So, what I was meaning is to create and add new web page files intended for opening through the existing phone web browsers. But dunno any further than that...

There is also a way to post things through phone messages, Facebook uses it. But If I know little about the previous one, I know even less about this one...

Quote:
Originally Posted by mrflex View Post
Apparently Firefox's security settings will prevent non-secure content (http) from displaying on secure sites (https). This issue is Firefox-specific (as mentioned in one or more of the articles linked below).
Default Firefox settings shouldn't block things like images, only active stuff like iframes and embedded junk.

Last I checked, all of the avatars, smileys, and the theme content go through http. So if you can see them, Firefox is letting some through. And if you open up the console, you will see the deluge of warning messages that comes with every page load about how naughty the site is being.

Mostly, if mixed-mode content is composed only of images it's not a huge security issue, just annoying that there's a warning in the top left corner on every MW page and a bunch of things in the console you have to sift through.

Quote:
Originally Posted by seanmillion View Post
Default Firefox settings shouldn't block things like images, only active stuff like iframes and embedded junk.
So what's the setting that caused the issue?

Since it's only Photobucket pics, I assume it must be their settings.

I don't know what send_hsts_priming is but I wouldn't be turning off block_active_content because active content's the potentially dangerous junk. However, if disabling block_active_content solves the issue, that would suggest to me that Photobucket's image links aren't real image links (which are passive as opposed to active) at all and just happen to be embeddable as such. If that's the case, it's probably for the best to solve the problem by convincing people to stop using Photobucket.

Quote:
Originally Posted by seanmillion View Post
Since it's only Photobucket pics, I assume it must be their settings.

I don't know what send_hsts_priming is but I wouldn't be turning off block_active_content because active content's the potentially dangerous junk. However, if disabling block_active_content solves the issue, that would suggest to me that Photobucket's image links aren't real image links (which are passive as opposed to active) at all and just happen to be embeddable as such. If that's the case, it's probably for the best to solve the problem by convincing people to stop using Photobucket.
This is exactly right, actually. If you link to an image on photobucket (with a link ending in .png or whatever), it'll redirect to a page with a whole bunch of photobucket stuff around it, including share buttons and whatnot.

This is also why, when an image is removed from photobucket, but the link is still being used (such as in a forum tag), you end up with an image showing up that has a photobucket logo and some error message.

Ah, thank you, I think I misunderstood what all the technical talk was about. So Its ok to use Photobucket then? I do a lot of custom images and I've only ever used Photobucket to host them.

Quote:
Originally Posted by oldkingkoal View Post
Ah, thank you, I think I misunderstood what all the technical talk was about. So Its ok to use Photobucket then? I do a lot of custom images and I've only ever used Photobucket to host them.
All the above said.... I highly recommend imgur. Same kind of deal, except that it is actually possible to get a direct link to your image :P







 

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
User Alert System provided by Advanced User Tagging (Lite) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
Last Database Backup 2018-09-18 09:00:07am local time
Myth-Weavers Status