Web Apps


Not secure flag on Ryzom apps

Hi,

General context

Currently, Chrome set the "Not Secure" warning only for pages with password and credit card input fields. Starting October 2017, Chrome will set this flag for any page with a form input.

Ryzom web app context

A bug in certificate validation on the Ryzom client forced every web app to use exclusively HTTP. As far as i know, this bug has been fixed in patch 3.2.1.8913.

The problem

If the Ryzom apps are not moved to HTTPS before October, using those apps in Chrome, including this forum, will display the "Not Secure" flag and freak users out.

Suggested action

Please move all the official Ryzom web-apps to HTTPS now and communicate to all web app developers on this topic.



Sadly I guess this report won't be taken seriously and the answer will be "we don't care about this flag, it's not supposed to be secure". I strongly disagree with such opinion and will not argue about it.

---

Markanjio di Segafredo
Alkiane
Noble Gardien des Matis - Noble Matis Guardian
Fléau de l'Empire - Scourge of the Empire
Show topic
Last visit Thursday, 28 March 11:02:00 UTC
P_:

powered by ryzom-api