Did something recently break with this? In the last hour, the site isn’t loading style pages with the HTTPS address, so pages are an unformatted mess.
FYI, the site is a horrible mess for me in Chrome + HTTPS. None of the post formatting controls are available (they show up as plain black text, no link or icon) and the reply buttons show up like this:
Reply With QuoteReply With Quote Multi-Quote This MessageMulti Quote Quick reply to this messageQuick Reply (where the second portion is a plain unadorned hyperlink that actually performs the function).
None of these problems appear if I view the site through http://…
ETA: it’s probably related to TroutMan’s issue above, but it’s been going on for me since yesterday. not just in the last hour.
ignore this. It would help if I would check time of the post first.
Am I supposed to be getting re-directed to https? I still have http for the Dope.
Same here. This thread’s URL (right now) is:
http://boards.straightdope.com/sdmb/showthread.php?t=844051&page=2
No https.
Still no redirect for me, either. Firefox reports this is not a secure connection.
http://boards.straightdope.com redirects to https for me.
Interesting. I wonder if this is because I use a bookmark to get here. When I clicked on your link, it worked as expected.
HTTPS also prevents ISPs from injecting ads and other fuckery into your pages.
@Bullitt & Morgyn: Yeah. It seems pretty clear that if you navigate directly to the base address of boards.straightdope.com using http you’ll be redirected to that same address via https.
But if you navigate directly to *any *specific page address within the site using http, you’ll remain using http as you click from link to link.
Which makes complete sense for how this stuff is usually wired up in the server.
@Derleth: It would if SDMB did it right. I get warnings and blockings when using SDMB via https because they’re letting all kinds of cross-domain crap in there. IMO https is useless if you (the browser) allow cross-domain content or you (the server) expect to serve it and have anyone receive it. Screen door meet submarine.
If you click “New posts” you get a list of non-https links to threads, so I think if you reached a boards page by clicking on a search result, it will be non-secure.
John our tech guy made some code tweaks he thinks will solve many if not all problems. He’s taking the weekend off, so please report any persistent issues and he’ll resume bug eradication on Monday.
Yep. The link to your post is http, not https.
http://boards.straightdope.com/sdmb/showpost.php?p=20668580&postcount=50
Is that a problem, or is it working as designed?
Thanks, LSLGuy, for explaining this. I’ve been getting the same warnings on IE 11. And I’m still getting them today, presumably after John’s tweaks have been implemented.
Oooh, ok. Only one gig of ram. You might benefit from NoScript, if you aren’t using it already. When I was limping an old laptop along around the time your machine was new, I became addicted to it. Finding out which scripts to allow to get the content you want can sometimes be a pain in the ass, but it’s fantastic at lowering the memory requirements of Firefox.
It looks like John did some good work. I’m able to browse via https without issue at the moment. I’m posting this from an https url.
Thanks, John!
ETA: After posting, I was redirected to a http url.
Also stops ISPs from caching web pages. Works great if everything on the web is set up correctly. In other words, hardly works at all.
We’re not communicating. Let me try again, simplifying just a smidgen.
Rule #1: If you start your browser by going to http://{anyplace at SDMB} you’ll remain using http for entire duration of that browsing session.
Rule #2: If you start your browser by going to https://{anyplace at SDMB} you’ll remain using https for entire duration of that browsing session.
Rule #3: So you’re entire browsing session will always be in one mode or the other and there’s no link you can click that will change from one to the other.
There is exactly one exception to the rules above:
Rule #4: If you go to exactly “http://boards.straightdope.com” then that will automatically switch you to https before you see that very first page. There are no other pages that behave this way. Thereafter rule #2 will apply to your browsing session.
Bottom line: everything depends on how you first get to the Dope. Depending on what links or cached results or personal favorites or Google searches you use to get here will control everything else that happens next.
Note what I’ve described here assumes that John *et al *have gotten everything rigged up perfectly. There may be a gap in there somewhere.
So if I don’t feel like changing my shortcuts is that going to be a problem for The Dope or can I just happily ignore this new development?
My bet is …
You can, like me, ignore it until they eventually do something to change things. Right now https is opt-in and ignorable.
At some future date they might
A) prevent http:// links from working at all
or
B) they’ll rescind my rule #1 and make everything always switch to https if it isn’t already. So Rule #4 will apply to every page, not just that special one.
If I had to bet, I’d bet on B in a few months. Or, since this will require new advertising vendors, they’ll park the whole project just as it is and leave it half done.
I shouldn’t browse SDMB when I’m at work, but…
I get a ‘secure content’ warning every single page. Even after I click ‘Show all content’, I get the warning when I go back to the page.
What a pain.