WhatPulse Forums
[CLOSED] Super-annoying SSL *problem* - Printable Version

+- WhatPulse Forums (http://whatpulse.org/forums)
+-- Forum: Support (/forumdisplay.php?fid=38)
+--- Forum: Client software (/forumdisplay.php?fid=58)
+--- Thread: [CLOSED] Super-annoying SSL *problem* (/showthread.php?tid=6377)



[CLOSED] Super-annoying SSL *problem* - nimd4 - 04-16-2015 09:42 PM

Hi, pplz!..:) As mentioned in the thread (& elsewhere?!), WhatPulse is using a SSL certificate & therefore has HTTPS enabled/available.

The Client link, View Online Stats, however, does NOT open-up HTTPS, but HTTP. While I can appreciate this not being very high up on the to-do list (most certainly, not, hehe), it would be -kinda- nice to see this *fixed*

Ty!! :))

P.S.
Same w/the forum links, WhatPulse Forums ยป above & also, in various threads; such as: READ FIRST: Read before asking for support! (Btw., tyvm (!) for not using one-of-those friendly URLs plug-ins 4 the forums - as they're so, so, horrible. :))


RE: Super-annoying SSL *problem* - Inquizitor - 04-17-2015 12:37 AM

Check out HTTPS Everywhere. It's a browser extension for Chrome, Firefox and Opera that you can use to force SSL connections on any site that has it available.

You may need to manually add a rule for whatpulse.org, but once you do so, it works perfectly.


RE: Super-annoying SSL *problem* - smitmartijn - 04-18-2015 11:12 PM

SSL Should be used for sensitive information in my opinion. Your public profile is not sensitive information. For example, your profile editor or login connection.

SSL for everything doesn't do anything but annoy webservers. ;-)


RE: Super-annoying SSL *problem* - nimd4 - 06-01-2015 02:52 AM

(04-18-2015 11:12 PM)smitmartijn Wrote:  SSL for everything doesn't do anything but annoy webservers. ;-)

Ah, geez!..:) Alright, cool; thanks for the reply, anyway!! xD

P.S.
Sorz, had to add!.. While I agree, ofc., that it isn't sensitive information (or anything), but when the certificate is available and SSL enabled for the server, shouldn't it a user's prerogative to shield their traffic away from their ISP (whatever the content). Because, otherwise (for example), any HTTPS traffic that does come across is - by definition - suspicious /interesting activity, in a sense a target - for many different parties. :))