Subject:*
<
Name/Email:*
<
Message Icon:*
<
Select*
<
Message:*
<



Click the Preview to see the content in action.
Options:*
<
Confirmation Code*
<
0 + 9 = ?  
Input the result from the expression
Maximum attempts you can try: 10
*
<
   

Re: enable https ssl for entire site
by Mamba on 2017/7/3 23:40:30

If you're looking for more info/advise, check out Richard's tutorial here:
https://xoops.org/modules/newbb/viewtopic.php?topic_id=78277
Re: enable https ssl for entire site
by brutalicuss on 2017/5/1 17:30:03

Yep, the same, both fields exist.. but I hope to cheat google as I remove "type=hidden". In all cases this warnings are improper, but are real and may harm our sites, for seo at least.

First I checked hows on in wordpress, they have removed "hidden", not exist in any field. Than I decide to remove it also, I dont know, maybe google just hate this word "hidden" :)

For browser version, I dont know what is actual, I use only firefox, but this security warning (in gwt) was only few days ago.

OK Im good tester and will test what will happen with "display:none" :)
Re: enable https ssl for entire site
by geekwright on 2017/5/1 15:54:22

First, Chrome 56 is discontinued. Chrome 58 is current for all platforms. I cannot replicate the problem you reported using a current version of Chrome. I recall seeing a notice in the past that came from a "post" (rather than "get") method search box, but that no longer seems to be an issue. Perhaps that was one of the numerous issues fixed since version 56.

Second, the change you suggest does not improve the security/risk potential in any way. The field still exists, and is still is being transported the same way.
Re: enable https ssl for entire site
by brutalicuss on 2017/4/30 13:59:00

Hi guys :)

Im not sure if the method "type hidden" in input fields is old or correct, at all, but I had warned by chrome56 (google wt) for this field in our search form:
<input type="hidden" name="action" value="results"/>
They thinks that this action in non ssl sites is non secured collection of user data, like passwds, card and etc.
So we should change this method in all themes to be "modern" and solicitous for the data of our users :)
Personaly, I changed with <input type="text" name="action" value="results" style="display:none"/> so far its no affect wc3 validation and chrome warnings (I hope)
If anyone have better or more correct way to do that, I think it will be useful for all
Re: enable https ssl for entire site
by cristian76 on 2017/1/26 18:21:20

This is important question, because Google wants to force the use of https
"From the end of January with Chrome 56, Chrome will mark HTTP sites that collect passwords or credit cards as non-secure. Enabling HTTPS on your whole site is important, but if your site collects passwords, payment info, or any other personal information, it's critical to use HTTPS. Without HTTPS, bad actors can steal this confidential data"

https://plus.google.com/+GoogleWebmasters/posts/iDUi5pCNuLZ

I have already received email from Google for my site with xoops forum

Who's Online

579 user(s) are online (483 user(s) are browsing Support Forums)


Members: 0


Guests: 579


more...

Donat-O-Meter

Stats
Goal: $15.00
Due Date: Jul 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $15.00
Make donations with PayPal!

Latest GitHub Commits