GBAtemp not secure in the threads.

[comput3rus3r]

The main page is secure as well as the threads list but when you go on an individual thread is not secure anymore. Anybody know why this is happening?

The first screenshot shows me posting this and it's secure.
The second one is inside a nintendo switch thread and then it's not secure.

Seems like once you go 3 levels deep it's not secure anymore. is this normal?

 

[Scarlet]

I believe this is because of users with externally hosted images. Usually in posts or images.

 

[comput3rus3r]

I believe this is because of users with externally hosted images. Usually in posts or images.

so what does it mean it's not secured?

 

[SomeGamer]

so what does it mean it's not secured?

You shouldn't type your credit card number on the images.

 

[Seriel]

This is usually caused by user signatures having raw http images in them, however I did a quick network log on Firefox of this thread, and apparently the following URL relating to a Patreom image is not secured:
http://gbatemp.net/styles/ts2/misc/patreon_logo_trans.png
This might want to be looked at by the staff if you're interested in ensuring most pages have full encryption (Not that it matters either way since login details are not sent through that image). But it's interesting to note that just having a Patron in a thread causes this to happen.

so what does it mean it's not secured?

Honestly, not much.
More technically speaking, it means that all the traffic that is causing this to happen (Usually images) is not encrypted and can be viewed by anyone who has access (Usually just your router and ISP) or anyone snooping on your connection if you're the victim of a MITM attack (Which i doubt you are).
So if anyone is spying on your traffic they can see the raw data of those specific signature images (Or in this case a patreon badge lol), but not the thread contents. As long as the address bar says https on it, your login and details etc are safe.

 

[SomeGamer]

apparently the following URL relating to a Patreom image is not secured:
http://gbatemp.net/styles/ts2/misc/patreon_logo_trans.png

That URL auto-redirects me to its https version.

 

[Seriel]

That URL auto-redirects me to its https version.

Yeah it does when you access it directly, but not when loaded as part of a page:

 

[Veho]

so what does it mean it's not secured?

It means the image links are not covered / encrypted by the SSL certificate that the locally-hosted content is.

 

[Seriel]

It means the image links are not covered / encrypted by the SSL certificate that the locally-hosted content is.

I dont want it to sound like I'm obsessing over this too much, but in the case of a lot of threads, its simply the Patreon badge that isnt encrypted thats causing this to happen. A lot of signature images and external images are usually https, although there are exceptions. But it doesn't help that every thread with a Patron posting in it causes this to crop up.

 

[comput3rus3r]

I dont want it to sound like I'm obsessing over this too much, but in the case of a lot of threads, its simply the Patreon badge that isnt encrypted thats causing this to happen. A lot of signature images and external images are usually https, although there are exceptions. But it doesn't help that every thread with a Patron posting in it causes this to crop up.

it is very annoying tbh

 

[Costello]

thanks, the link has been fixed in the CSS

 

[Seriel]

thanks, the link has been fixed in the CSS

Sweet, that made this thread and a fair chunk others fully secure.
I did a quick look around various threads out of curiosity, and managed to find "http://gbatemp.net/styles/ts2/misc/gloss.png". I have no idea where its called, but it is referenced over raw http like the patron one. (And interestingly doesnt redirect me to https when accessed directly, although the hyperlink here does.)
Other than that it's just misc things on people's signatures, which isn't the fault of gbatemp at all.

Spoiler

 

[Costello]

Sweet, that made this thread and a fair chunk others fully secure.
I did a quick look around various threads out of curiosity, and managed to find "http://gbatemp.net/styles/ts2/misc/gloss.png". I have no idea where its called, but it is referenced over raw http like the patron one. (And interestingly doesnt redirect me to https when accessed directly, although the hyperlink here does.)
Other than that it's just misc things on people's signatures, which isn't the fault of gbatemp at all.

Spoiler

thanks Seriel that's fixed as well now.

 

[Seriel]

thanks Seriel that's fixed as well now.

Ahah, thanks for looking at these for me. That should sort out most of the complaints of threads not being fully secure