Text only | Text with Images

Simple Machines Community Forum

General Community => Site Comments, Issues and Concerns => Topic started by: Shambles on November 29, 2017, 04:43:21 AM

Title: Login form insecure?
Post by: Shambles on November 29, 2017, 04:43:21 AM
Just installed Firefox Quantum on a new works machine.

Obviously I have no cookie for sm.org so I needed to login and set one.

The login form doesn't appear to be secure, whereas the rest of the site is  :o


(https://i.imgur.com/soVkhzX.png)
Title: Re: Login form insecure?
Post by: Illori on November 29, 2017, 05:07:51 AM
we dont force a redirect to https, but we have changed all the URLs to be https, so you can log into the http forum.
Title: Re: Login form insecure?
Post by: Shambles on November 29, 2017, 05:53:39 AM
I guess I was just surprised to see that the whole website is secure apart from the most important part.. the form in which sensitive credentials are entered.
Title: Re: Login form insecure?
Post by: SleePy on November 30, 2017, 01:15:04 PM
Do you have outdated bookmarks?  All http:// urls will still work without redirecting you to https://.  However if you do any navigation, you will go to the https page.  Update your bookmarks for https and you should be good to go.

We will look into in the future forcing https:// for human browsers.
Title: Re: Login form insecure?
Post by: Shambles on November 30, 2017, 02:33:25 PM
Quote from: SleePy
Do you have outdated bookmarks?

I installed Firefix Quantum on a clean machine but you got me there. I used FF-SYNC to get my old bookies.

Shame on me.  :-[
Text only | Text with Images