BUG: "Sent from http://forum.mysite.com" footer

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

BUG: "Sent from http://forum.mysite.com" footer

GregChapman
Hi Raven,

Having just sent an email to one of my users from one of my newly https enabled sites, with a copy to me, I see that the footer, still shows the URL without the "s"

I'm sure I can hack that within the NAML code, but I guess it's something that needs to be added to your routine when enabling https.
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

Israel <Nabble>
Administrator
Hello Greg,
Can you please check if everything is working properly?
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

GregChapman
Hi Israel,

It was https://forum.seahawk17.org.uk/ that had the trouble. The email footer now seems to be fixed.

Thanks!
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

GregChapman
Hi Israel,

I seem to have found another bug relating to https;

I have just uploaded an image in a post in another forum of mine and the critical part of the code shows as:
<img src="http://forum.aivuk.org.uk/file/n2745/screenshot074.png" ....
It seems this is the reason Firefox is saying "Parts of this page are insecure"!

Checking, at random, an old post on my SeaHawk forum:
https://forum.seahawk17.org.uk/Local-anchorage-td4025001.html
I find a total of 13 matches for "http:"
That may be more than the average as I have implemented the Previous/Next topic add-on within the Gallery app that post appears in. But another result is:

dropdown.add('social4025001', '\x3Ca href\x3D\"http://twitter.com/share?text\

which is, perhaps, easier to fix.

I guess there's more to do to get https perfect!
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

Israel <Nabble>
Administrator
This post was updated on .
Thanks for the feedback!
Greg is it possible give me more details on how to reproduce those issues or can you highlight them on your site?
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

GregChapman
Apologies for slow speed in replying, but I was a little confused by your question.

My post at:
http://support.nabble.com/BUG-Sent-from-http-forum-mysite-com-footer-tp7603265p7603374.html
simply reports what you find in the code behind any post in an https enabled forum. The existence of links to http URLs appear both in old messages posted well before https was implemeted and those posted since conversion.

The links can be both internal to the https enabled forum, such as images uploaded to it and through the next/previous topic add-on or external such as social links to Twitter

It seems such links result in pages  being reported as not fully secure by browsers.
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

Israel <Nabble>
Administrator
Hello Greg,
Can you please check if posts with images are still marked as unsafe on you side?  
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

GregChapman
Nothing has changed with the post I mentioned earlier:
https://forum.seahawk17.org.uk/Local-anchorage-td4025001.html
Search the frame source for "http:" and it still finds 13 examples including the twitter one and Firefox still has a padlock with yellow caution triangle over it..

Was I supposed to be making a new post with images and testing that?
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

Israel <Nabble>
Administrator
Greg, can you please post the links here?
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

GregChapman
I fear there is some misunderstanding on my part in this. When I say there 13 http: links on the page I am including all those to external sites, (such as the Social Media links) where I guess it doesn't matter and they won't be identified as a security problem in Firefox. But I do suspect that all the internal links to http://forum.seahawk17.org.uk are causing the problem.

As mentioned earlier, the first two of these are in the Previous/Next Topic links
<span style="float:right;white-space:nowrap">
					<a href="http://forum.seahawk17.org.uk/Bright-Angel-Alnmouth-to-Eyemouth-tp4024832.html">Next Image</a>
					<sub class="weak-color" style="font-size:180%">&rsaquo;</sub>
				</span>
		<div style="clear:both;height:0">&nbsp;</div>
	</div>
			<div class="weak-color float-left" style="font-variant:small-caps">
		Posted by
		
			<a href="http://forum.seahawk17.org.uk/template/NamlServlet.jtp?macro=user_nodes&amp;user=495399" rel="nofollow" title="View profile of MartinD" class="nowrap no-decoration"><img class="avatar light-border-color" src="/images/avatar24.png" height="24" width="24" alt="MartinD" title="MartinD"/><img src="/images/online.png" class="online495399 online invisible" title="User is online" alt="online"/></a>

	
There is one internal link within the Options dropdown menu, the first:
dropdown.add('permalink4025001', '\x3Ca href\x3D\"javascript: void(0)\" onclick\x3D\"prompt(\'Copy this:\',\'http://forum.seahawk17.org.uk/Local-anchorage-tp4025001.html\')\"\x3EPermalink\x3C/a\x3E');
		dropdown.add('rawMail4025001', '\x3Ca href\x3D\"/template/NamlServlet.jtp?macro\x3Draw_mail&amp;node\x3D4025001\" rel\x3D\"nofollow\"\x3ERaw mail\x3C/a\x3E', 'display:none');
		dropdown.add('social4025001', '\x3Ca href\x3D\"http://twitter.com/share?text\x3DLocal+anchorage&amp;related\x3DSeaHawk+Forum&amp;url\x3Dhttp%3A%2F%2Fforum.seahawk17.org.uk%2FLocal-anchorage-tp4025001.html\" title\x3D\"Twitter\" target\x3D\"_blank\" ignore\x3D\"y\"\x3E \x3Cimg src\x3D\"/images/social/twitter.png\" style\x3D\"width:16px;height:16px;margin-top:.2em;border:none;\"/\x3E \x3C/a\x3E \x3Ca href\x3D\"http://www.facebook.com/share.php?v\x3D4&amp;src\x3Dbm&amp;u\x3Dhttp%3A%2F%2Fforum.seahawk17.org.uk%2FLocal-anchorage-tp4025001.html&amp;t\x3DLocal+anchorage\" title\x3D\"Facebook\" target\x3D\"_blank\" ignore\x3D\"y\"\x3E \x3Cimg src\x3D\"/images/social/facebook.png\" style\x3D\"width:16px;height:16px;margin-top:.2em;border:none;\"/\x3E \x3C/a\x3E \x3Ca href\x3D\"http://del.icio.us/post?url\x3Dhttp%3A%2F%2Fforum.seahawk17.org.uk%2FLocal-anchorage-tp4025001.html&amp;title\x3DLocal+anchorage\" title\x3D\"Delicious\" target\x3D\"_blank\" ignore\x3D\"y\"\x3E \x3Cimg src\x3D\"/images/social/delicious.png\" style\x3D\"width:16px;height:16px;margin-top:.2em;border:none;\"/\x3E \x3C/a\x3E \x3Ca href\x3D\"http://www.google.com/bookmarks/mark?op\x3Dadd&amp;bkmk\x3Dhttp%3A%2F%2Fforum.seahawk17.org.uk%2FLocal-anchorage-tp4025001.html&amp;title\x3DLocal+anchorage\" title\x3D\"Google Bookmarks\" target\x3D\"_blank\" ignore\x3D\"y\"\x3E \x3Cimg src\x3D\"/images/social/google.png\" style\x3D\"width:16px;height:16px;margin-top:.2em;border:none;\"/\x3E \x3C/a\x3E \x3Ca href\x3D\"http://www.stumbleupon.com/submit?url\x3Dhttp%3A%2F%2Fforum.seahawk17.org.uk%2FLocal-anchorage-tp4025001.html&amp;title\x3DLocal+anchorage\" title\x3D\"Stumble Upon\" target\x3D\"_blank\" ignore\x3D\"y\"\x3E \x3Cimg src\x3D\"/images/social/stumbleupon.png\" style\x3D\"width:16px;height:16px;margin-top:.2em;border:none;\"/\x3E \x3C/a\x3E \x3Ca href\x3D\"http://www.linkedin.com/shareArticle?mini\x3Dtrue&amp;url\x3Dhttp%3A%2F%2Fforum.seahawk17.org.uk%2FLocal-anchorage-tp4025001.html&amp;title\x3Dhttp%3A%2F%2Fforum.seahawk17.org.uk%2FLocal-anchorage-tp4025001.html&amp;source\x3DSeaHawk+Forum\" title\x3D\"LinkedIn\" target\x3D\"_blank\" ignore\x3D\"y\"\x3E \x3Cimg src\x3D\"/images/social/linkedin.png\" style\x3D\"width:16px;height:16px;margin-top:.2em;border:none;\"/\x3E \x3C/a\x3E \x3Ca href\x3D\"http://digg.com/submit?phase\x3D2&amp;url\x3Dhttp%3A%2F%2Fforum.seahawk17.org.uk%2FLocal-anchorage-tp4025001.html&amp;title\x3DLocal+anchorage\" title\x3D\"Digg\" target\x3D\"_blank\" ignore\x3D\"y\"\x3E \x3Cimg src\x3D\"/images/social/digg.png\" style\x3D\"width:16px;height:16px;margin-top:.2em;border:none;\"/\x3E \x3C/a\x3E','white-space:nowrap');
		dropdown.build('dd_rootdropdown4025001');
Then there are two in the main body of the post:
<div class="root-text" style="margin:6em 0 2em;text-align:center;clear:both">
        <img src="http://forum.seahawk17.org.uk/file/n4025001/_M521158-750px.jpg" border="0" class="center" alt="Peaceful anchorage off Port Ramsay, Lismore"/><br/>First overnighter of the 'summer' (a whole 2nm from home), being checked out by the ever-curious local seals
<br/><br/>Download the full size image: <a href="http://forum.seahawk17.org.uk/file/n4025001/_M521158.jpg" target="_top" rel="nofollow" link="external">_M521158.jpg</a>

	
	
    </div
The last http: link is in the footer
<td class="footer-left weak-color">
				<a href="http://www.nabble.com/" target="_top">Free forum by Nabble</a>
where it's probably the only link that should be insecure (non-SSL).
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

Israel <Nabble>
Administrator
Hello Greg,
Can you please check if the padlock with yellow triangle disappeared on pages with images (use Firefox) ?
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

GregChapman
Apologies for the delay in responding.

I can confirm that the issue appears resolved.
Volunteer Helper - but recommending that users move off the platform!
Once the admin for GregHelp now deleted.
Reply | Threaded
Open this post in threaded view
|

Re: BUG: "Sent from http://forum.mysite.com" footer

Israel <Nabble>
Administrator
Ok, thank you!