Request avatar images securely to try to prevent mixed content warning

John · 2017-09-28 17:26:44

SirJosh3917

hummerz5 · 2017-09-28 17:34:44

will you settle for writing the link like this?

img src="//forums.everybodyedits.com/potato" ?

John · 2017-09-29 04:15:14

hummerz5 wrote:

^

is this for me or diff?

XxAtillaxX · 2017-09-29 05:04:26

I believe it's also the signature images, which would be silly to force over HTTPs, as embedding cross-site images poses no significant threat.

BuzzerBee · 2017-09-29 06:20:46

Would there be any drawback of requesting the images securely? Idk much about web development but would it increase page load time or bandwidth usage? Bc if not I don’t see a reason not to secure them but also as atilla said it’s not really necessary so no bother in having diff work on it

LukeM · 2017-09-29 07:57:10

I think it would increase load time for non-profile-pic images, because for each connection there needs to be a key negotiation thingy, as it needs to connect to another site, plus some websites don't support https, so some images might not work

John · 2017-09-29 13:20:46

XxAtillaxX wrote:

I believe it's also the signature images, which would be silly to force over HTTPs

yeah the signatures are like that too. the weird thing is the avatars are hosted on the forums, but still use http instead of https? id think that would be easy to change

XxAtillaxX wrote:

embedding cross-site images poses no significant threat.

true but i mean like why not

BuzzerBee wrote:

Would there be any drawback of requesting the images securely?

im not aware of any. i looked on stackoverflow and they said there isnt a significant difference of loading times.

destroyer123 wrote:

I think it would increase load time for non-profile-pic images, because for each connection there needs to be a key negotiation thingy, as it needs to connect to another site, plus some websites don't support https, so some images might not work

the avatars are hosted on the forums itself so i think itd be easy as changing http to https.

LukeM · 2017-09-29 17:06:25

Emalton wrote:

BuzzerBee wrote:
Would there be any drawback of requesting the images securely?
im not aware of any. i looked on stackoverflow and they said there isnt a significant difference of loading times.
destroyer123 wrote:
I think it would increase load time for non-profile-pic images, because for each connection there needs to be a key negotiation thingy, as it needs to connect to another site, plus some websites don't support https, so some images might not work
the avatars are hosted on the forums itself so i think itd be easy as changing http to https.

Yes it would be easy to use HTTPS for the avatar images, but theres no point making them secure if there are still insecure images in signatures or posts, and as I said, it would probably add a lot of time if you are loading them from other websites, as it needs to negotiate a new HTTPS connection for every site (which takes a significant amount of time)

XxAtillaxX · 2017-09-29 17:09:01

BuzzerBee wrote:

Would there be any drawback of requesting the images securely? Idk much about web development but would it increase page load time or bandwidth usage? Bc if not I don’t see a reason not to secure them but also as atilla said it’s not really necessary so no bother in having diff work on it

It's a warning, it's not a big deal. I don't see the necessity in breaking sites that only work over plain HTTP just to get rid of a insignificant visual indicator.

mrjawapa

John · 2017-09-30 21:53:55

destroyer123 wrote:

it would probably add a lot of time if you are loading them from other websites

Emalton wrote:

the avatars are hosted on the forums itself

XxAtillaxX wrote:

I don't see the necessity in breaking sites that only work over plain HTTP

Emalton wrote:

the avatars are hosted on the forums itself

--

To reiterate, I'm only talking about avatars.

LukeM · 2017-09-30 23:05:58

We (well at least I) know, it's just that it would be pointless just doing avatars, as the warning would still be there for sig images etc, so if you were going to do it, you'd have to do it for all images to see any of the benefits

Different55 · 2017-10-01 16:59:35

Maybe fixed it? Not that it matters unless you browse with sig images (or sigs entirely) turned off.

hummerz5, John

John · 2017-10-08 17:18:14

Works great!

Official Everybody Edits Forums

#1 2017-09-28 17:26:44

Request avatar images securely to try to prevent mixed content warning

#2 2017-09-28 17:34:44

Re: Request avatar images securely to try to prevent mixed content warning

#3 2017-09-29 04:15:14

Re: Request avatar images securely to try to prevent mixed content warning

#4 2017-09-29 05:04:26

Re: Request avatar images securely to try to prevent mixed content warning

#5 2017-09-29 06:20:46

Re: Request avatar images securely to try to prevent mixed content warning

#6 2017-09-29 07:57:10

Re: Request avatar images securely to try to prevent mixed content warning

#7 2017-09-29 13:20:46

Re: Request avatar images securely to try to prevent mixed content warning

#8 2017-09-29 17:06:25, last edited by LukeM (2017-09-29 17:10:49)

Re: Request avatar images securely to try to prevent mixed content warning

#9 2017-09-29 17:09:01

Re: Request avatar images securely to try to prevent mixed content warning

#10 2017-09-30 21:53:55

Re: Request avatar images securely to try to prevent mixed content warning

#11 2017-09-30 23:05:58

Re: Request avatar images securely to try to prevent mixed content warning

#12 2017-10-01 16:59:35

Re: Request avatar images securely to try to prevent mixed content warning

#13 2017-10-08 17:18:14

Re: Request avatar images securely to try to prevent mixed content warning

Board footer