#1 Posted by wildvine (10371 posts) - - Show Bio

My friend logs in, but no matter which browser she's on, her info is not protected. There's no lock symbol. Is this a CV issue? Is anyone else have this problem?

#2 Edited by pikahyper (12720 posts) - - Show Bio

@wildvine: Lock symbol where? This is a forum not a banking site or shopping site so they don't have to use https.

Moderator
#3 Posted by Fuchsia_Nightingale (10130 posts) - - Show Bio

@pikahyper:

I think she means the Web certificate stating if something is encrypted.

#4 Edited by Fuchsia_Nightingale (10130 posts) - - Show Bio

I'm getting this too on IE, it say it has Security certificate errors

#5 Posted by pikahyper (12720 posts) - - Show Bio

ah, I ignore those.

Moderator
#6 Posted by mrpibb (502 posts) - - Show Bio

@pikahyper: @fuchsia_nightingale: We only do https on the login pages. The rest of comicvine does not run under https. Are you seeing certificate problems?

#7 Posted by Fuchsia_Nightingale (10130 posts) - - Show Bio

@mrpibb:

For IE and Chrome, chrome is half encrypted

#8 Posted by mrpibb (502 posts) - - Show Bio

@fuchsia_nightingale: can you provide me with a screenshot? I'll take this to our ops guys on Monday to see if the cert is bad.

#9 Edited by Fuchsia_Nightingale (10130 posts) - - Show Bio
#10 Posted by Fuchsia_Nightingale (10130 posts) - - Show Bio

And this

#11 Edited by pikahyper (12720 posts) - - Show Bio

@fuchsia_nightingale: if you click the lock icon in Chrome it tells you why the connection isn't completely secure, the page is loading some elements that are insecure but the cert is fine, when you're not logged in something is loading in the background from an insecure server (might be something to do with the fonts) but if you are on any CV https page and you are logged in your avatar loads from a resource server which is not a secure server.

Moderator
#12 Posted by mrpibb (502 posts) - - Show Bio

@fuchsia_nightingale: @pikahyper: yeah that's most likely the case. We're not serving all our images through https which will cause that alert. It's something that we want to do, but because we're using CDNs for images and javascript it is a bit harder then just controlling out own hosts.

#13 Posted by Fuchsia_Nightingale (10130 posts) - - Show Bio