Google warning on this Forum! Deceptive site ahead
-
I decided to change the http://… URL to my avatar for a https:// ... version.
I used https://forum.pfsense.org/index.php?action=profile;area=forumprofile
https://www.papy-team.fr/forum/e107_files/public/avatars/ap_59_nco_ranks_sergant.gif works when used directly.
But ... changing my profile ends up with a nice Your profile has been updated successfully and the setting is switched to "No avatar" like a https:// URL isn't accepted.
Btw : why not forcing a https URL if one chooses to use an avatar ?
edit : Better yet : retrying to set my URL gives me a "504 Gateway Time-out - nginx"
No avatars are shown on the main forum page ( https://forum.pfsense.org/index.php ) but still some info is send over using http, so navigators show "partially unsecured connection".: Ok, get it. It was my own avatar using http:// … Logic. -
Just choose the option to upload the avatar and go that way. It appears SMF (at least this version) doesn't want to allow HTTPS avatars.
-
Where can I upload an avatar?
-
Hmm, maybe it requires a higher level of permission. It shows for me.
-
I only have the first 3 options.
I just tried to change the URL to my avatar (to https://skylabs.ch/avatar.png) and now the avatar is gone completly.Edit: Yeah changing the link to http://skylabs.ch/avatar.png seems to work, but isn't that what the google warning is about? That you have a https page which includes http content?
-
Edit: Yeah changing the link to http://skylabs.ch/avatar.png seems to work, but isn't that what the google warning is about? That you have a https page which includes http content?
No, that's not a mixed content warning. It's about a site being in the Google Safebrowsing DB. As for mixed content, the only solution here would be adding a header to force everything via HTTPS. At that point, you break not just avatars but thousands and thousands of images linked from other sources here that have no support for HTTPS.
-
Yeah I would much rather host avatar on pfsense vs remote. But don't have the upload option either.
-
… Or just supply a https:// avatar link - which isn't accepted by this SMF forum.
But, as doktornotor already mentioned : all those posts with "http" links (to images) are making Google not happy neither ...But, hey, forum admins, do not change the forum just for that, I can live with it.
A trick : see image
Goto " pfSense Forum » Profile of YOU » Look and Layout" and check "Don't show users' avatars." and most pages (without external images) have the green lock again ;)
-
-
On the avatar note: anyone noticed gravatar is very much broken lately? Very visible in Redmine, takes ages for the page to load, and eventually it doesn't work.