Results 1 to 6 of 6
  1. #1

    Default Chrome Warning About Loading Unsafe Scripts From forums.dc3.com

    Hi, new user here and I'm running the latest version of Chrome under the latest version of Windows 10 Pro x64. The forums.dc3.com site shows up as "Not Secure" due to trying to "load scripts from unauthenticated sources." This happened on two different windows machines, but I don't get the warning with the latest version of chrome on my android phone. I did a simple site search but it failed to find any mention of this problem. Of course, I can dismiss the error and then the scripts do load so the site looks better, but should I really have to do this? Is there really an issue with the site's security certificate or is this a Chrome bug? Thanks in advance.

  2. #2
    Join Date
    Oct 2005
    Location
    Mesa, AZ
    Posts
    33,149

    Default

    Egad! I walked into work today to be greeted by this, ha ha. Should be a fun day :-) It appears that the browser(s) are refusing to load stylesheets that aren’t linked by https://. This software is not minbe, but it ia very widely used so I should be able to find the fix in reasonable time. Off I go. I am using the Tapatalk mobile app right now so I am unaffected.
    -- Bob

  3. #3
    Join Date
    Oct 2005
    Location
    Mesa, AZ
    Posts
    33,149

    Default

    How strange. Nothing has changed in the code for the forum, yuet both Firefox and Chrome have started complaining and failing to load "mixed content"/ Even forms which have "action="xxx" are now flagged for mixed content. That relative URL is supposed to pick up the rest of the URL from the enclosing page, which is https:// ?!?!?!?! Well I'm off on a fun voyage.
    -- Bob

  4. #4
    Join Date
    Oct 2005
    Location
    Mesa, AZ
    Posts
    33,149

    Default

    This one takes the cake... The browser(s) all started giving "mixed content" warnings (trying to fetch embedded content via insecure/http with a page that was fetched secure/https. 85 errors like this! But... here's the corker... all of the references (images, form actions etc) were specified without http or https, and no domain name. THese links should be relative to the parent document (all hell would break loose otherwise). And they are supposed to pick up the scheme (http vs https) of the parent document. But they were all being flagged as "mixed content" and the stylesheet loading was being refused. Fortunately, and I am so lucky I found this in reasonable time, there is a header that will tell the browser to automatically upgrade all insecure requests to secure. I can't understand why the browser thinks the links are "mixed" in the first place, but adding this (safe) header option solved the problem and at this point I have bigger fish to fry, so ... onward.
    -- Bob

  5. #5
    Join Date
    Oct 2005
    Location
    Mesa, AZ
    Posts
    33,149

    Default

    You have no idea how relieved I am that this didn't turn into a multi-day (or worse) adventure in old PHP software that's not mine).
    -- Bob

  6. #6

    Default

    Thanks Bob!

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. *** WARNING About DDWCP And Ascom 5.5 ***
    By Bob Denny in forum Hardware/Software/Driver Topics Not Directly Related to Our Software
    Replies: 2
    Last Post: Dec 28, 2011, 19:36

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •