classic33
Leg End Member
Operator input error.I'm not normally one to point out typos but that one tickled me
Insecure links
- Thread starter Salty seadog
- Start date
Page may contain affiliate links. Please see terms for details.
D
Deleted member 1258
Guest
I came across this a couple of years ago, but I can't remember what browser I was using or the cure for it. At the moment I'm not having trouble with links on phone tablet or desktop.
- Location
- Somewhere wet & hilly in NW England.
Not an expert but I think this is a downside of Google's mission to switch the web from HTTP to HTTPS.
I'm running Chrome at the moment and it is happening a lot to me - not just this forum.
I'm running Chrome at the moment and it is happening a lot to me - not just this forum.
shirokazan
Veteran
Agree with SpokeyDokey. Google and others are driving a move to HTTPS which is resulting in the "insecure" messages. Here's Mozilla (the organisation behind FireFox) announcing their intention about 3 years. https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/
Ming the Merciless
There is no mercy
- Location
- Inside my skull
https prevents caching on intermediate CDN servers. So it is a real pain for images and other static assets.
OP
OP
Salty seadog
Space Cadet...(3rd Class...)
Yes just had it on a link in a text message so not just this site after all.
swee'pea99
Legendary Member
Recently I've been getting these when I click on links in messages:
Is it just me, or is summat up?
Is it just me, or is summat up?
HLaB
Marie Attoinette Fan
I got it on a CC link the other day needless to say I didn't reload it
Slick
Guru
Already being discussed in site support.
https://www.cyclechat.net/threads/insecure-links.242745/
https://www.cyclechat.net/threads/insecure-links.242745/
twentysix by twentyfive
Clinging on tightly
- Location
- Over the Hill
Getting that when I attempt to update the Ticker (TickerFactory) in my signature line. Pain - no idea how to access my Ticker outside of CC.
Generally warnings like that are a big no-no (suggesting that either the site you're visiting or your internet connection has been compromised) but in this case when you click an outgoing link on cyclechat it uses a redirect service - and the address CC uses for outgoing links "go.cyclechat.net" doesn't match the certificate of the redirect service and so your browser says "I've got a bad feeling about this"
In this instance it's not particularly risky. You can get around it by adding a security exception in your browser for go.cyclechat.net - though I would strongly advise against using security exceptions in general.
In this instance it's not particularly risky. You can get around it by adding a security exception in your browser for go.cyclechat.net - though I would strongly advise against using security exceptions in general.
Ming the Merciless
There is no mercy
- Location
- Inside my skull
Easiest thing is to sort out the certificate.
There are a couple of things going on:
Shaun
- The fix for the wrongly redirected Amazon links turned out to be a much deeper problem than I'd originally anticipated and involved making some server and DNS changes; and because we use HTTP Strict Transport Security (HSTS) on the CC server the prior links to go.cyclechat.net are cached in everyone's browser for a long period and won't work again until they've expired (or been removed and replaced). Removal of HSTS domain settings in browsers is not easy so I've temporarily replaced go.cyclechat.net with a skimlinks link. Once the HSTS caching period has expired I'll reinstate the branded CC redirect.
- Google (and now other browser makers) have deprecated Chrome’s trust in the Symantec certificate authority (including Symantec-owned brands like Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL). They announced their intention to do this in March - https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html - but many site owners have either missed or ignored it and are now showing errors when visited using a browser with deprecated trust. Those site owners need to update their SSL certificates. CC uses a trusted certificate and is not affected by this.
Shaun
