[SMF 2.1 RC2] FTP Links

[Massl]

Code Select Expand

[url="ftp://ftp.test.com"]My FTP[/url]
becomes after sending message

Code Select Expand

[url="http://ftp://ftp.test.com"]My FTP[/url]

[Illori]

have you tried using ftp tags instead of URL ?

Code Select Expand

[ftp=ftp://ftp.test.com"]My FTP[/ftp]

[Massl]

yes but it doesn't work

Thanks

[Kindred]

define "doesn't work" more specifically please...

please show us a link with an example of the failure on your own site?

[live627]

I think deprecated tags are disabled by default. Did yuo enable it?

[Massl]

Yes, these are my settings


Also

Code Select Expand

[ftp="ftp://test.com"]My FTP[/ftp] is not recognized.

[Aleksi "Lex" Kilpinen]

There should not be any quotes in there, have you tried without them?

[Massl]

Yes, same issue also without quotes.

[SychO]

the tag is deprecated in 2.1, meaning you can't use it anymore as far as I know

[Massl]

OK, so with smf 2.1 is it no longer possible to insert FTP links?

[Arantor]

Given that FTP is fundamentally insecure, that's probably not a bad thing anyway.

[Massl]

It's a joke right?
There are billions of ftp sites and these can't be linked with SMF?

It is obvious that it is a bug...

It would be enough not to add http:// to the ftp:// path when sending a message (see first message).

[Sesquipedalian]

It is obvious that it is a bug...

It would be enough not to add http:// to the ftp:// path when sending a message (see first message).

Yes, if "http://" is being prepended to "ftp://" in a [url] BBCode, that is a bug that we need to fix. I am a little surprised to hear that this is happening, though. I could have sworn the code already checked for that scenario.

[Sesquipedalian]

The bug appears to be in SCEditor. If I enter "[url="ftp://ftp.test.com"]My FTP[/url]" and post without previewing, the link is created correctly. However, if I get a preview or toggle the editor between WYSIWYG and source mode, that triggers the editor to prepend "http://" to the FTP link.

[Massl]

The bug appears to be in SCEditor. If I enter "[url="ftp://ftp.test.com"]My FTP[/url]" and post without previewing, the link is created correctly.

Sure?
Have you tried to click on the link?

I tried it without previewing and it opens http://ftp//ftp.test.com/

[Arantor]

Bug aside, who uses FTP any more when SFTP or FTPS are preferable and don't leak your password in plain text (which FTP has always done)? (And no, last I checked place neither SFTP not FTPS we're actively supported)

[Massl]

You are right Arantor, sftp and ftps should also be added.

Unfortunately ftp is still widely used in many sites...

Code Select Expand

[url="sftp://ftp.test.com"]My FTP[/url] and

Code Select Expand

[url="ftps://ftp.test.com"]My FTP[/url]
becomes

Code Select Expand

http://sftp//ftp.test.com and

Code Select Expand

http://ftps//ftp.test.com

The problem could be the same...

[Sesquipedalian]

Tracked in https://github.com/SimpleMachines/SMF2.1/issues/5590

[Massl]

Thank you 

[GigaWatt]

Bug aside, who uses FTP any more when SFTP or FTPS are preferable and don't leak your password in plain text (which FTP has always done)? (And no, last I checked place neither SFTP not FTPS we're actively supported)

I use it all the time... not to mention that my forum is still running without SSL and I'm not planning on changing that.

[Arantor]

You really should change that given how browsers will actively tell your users that your site is insecure.

It also means that your users can be fairly trivially hacked because passwords can get sent around in plain text! But sure, your convenience is more important than your users' security.

[GigaWatt]

You really should change that given how browsers will actively tell your users that your site is insecure.

I know and I've opened up a thread about it, explaining that this is actually pushed by Google and that there is nothing to worry about.

It also means that your users can be fairly trivially hacked because passwords can get sent around in plain text! But sure, your convenience is more important than your users' security.

And how were passwords sent 10, 15 years ago . Most of the sites didn't have SSL back then and yet, most of them weren't hacked or sniffed or whatever. If someone want's to get to your data, they will, doesn't matter what type of encryption you're using, it's just a matter of time.

And about the convenience thing... I'm a volunteer here. Basically, I'm also a volunteer there too. That forum exists only because I want it to exist. None of the previous admins were up to the task of keeping the forum alive in it's former state (SMF 1.1.16 back then, none of them knew how to actually transfer the forum to another host), let alone upgrading it... I did both. There are literally only 10-20 people reading that forum. Excuse me if I don't get all choked up for about 20 people that might get their credentials compromised on a forum that actually only costs me money to run and produces 0 revenue. Sure, I admit, it's a good place to hang around, chat and exchange stuff, etc., but I'm not gonna waste my spare time implementing SSL on a forum that's mostly dead. It's hard enough keeping it alive as it is.

Not to mention frequent host changes (we go where the rent is low... I'm not rich, and, even if I was, there is no point in paying $100 a month for 20 active users ) and that I have to reimplement SSL there too ... only a drag that I'm not planing wasting time on.

[Aleksi "Lex" Kilpinen]

You know, most hosts offer free SSL these days - and even if they don't, you can still get it for free with a little effort. I switched all my sites over to https within minutes when I decided it was time.

[GigaWatt]

Yes, I know. The problem is that I have to reimplement it every time I switch hosts... and I don't know when I'm going to switch hosts since we've done it three times in the past year. Things are stable now, but I don't know for how long .