Web Apps

Not secure flag on Ryzom apps


General context

Currently, Chrome set the "Not Secure" warning only for pages with password and credit card input fields. Starting October 2017, Chrome will set this flag for any page with a form input.

Ryzom web app context

A bug in certificate validation on the Ryzom client forced every web app to use exclusively HTTP. As far as i know, this bug has been fixed in patch

The problem

If the Ryzom apps are not moved to HTTPS before October, using those apps in Chrome, including this forum, will display the "Not Secure" flag and freak users out.

Suggested action

Please move all the official Ryzom web-apps to HTTPS now and communicate to all web app developers on this topic.

Sadly I guess this report won't be taken seriously and the answer will be "we don't care about this flag, it's not supposed to be secure". I strongly disagree with such opinion and will not argue about it.


Markanjio di Segafredo
Order of the Blue Rotoa
Noble Gardien des Matis - Noble Matis Guardian
Fléau de l'Empire - Scourge of the Empire
Show topic
Last visit Sat Aug 8 23:19:23 2020 UTC

powered by ryzom-api