| Previous :: Next Topic |
| Author |
Message |
neek
Member
Joined: 12 Sep 2011
Posts: 1512 | TRs
Location: Seattle, WA
|
You're right, it will soon be standard behavior (https://www.chromestatus.com/feature/4926989725073408). Most browsers have warned about this in the URL bar for years. There is potential server cost for encrypting traffic, since it's computationally intensive. nwhikers serves a lot of images. But making it optional at first (i.e. not redirecting everything to https) would ease the transition.
Although I understand the appeal, your html cut and paste method is problematic for several reasons. Unfortunately you're not going to find anything that publishes to nwhiker's custom bbcode, and I know nothing about weebly, so can't think of an alternative that wouldn't involve some custom code or manual work. I'll keep thinking about it though since I'd like to do something similar (have my own site) some day. |
|
| Back to top |
|
|
reststep
Member
Joined: 17 Dec 2001
Posts: 4494 | TRs
|
Windows 7
--------------
"The mountains are calling and I must go." - John Muir |
|
| Back to top |
|
|
Josh Lewis
Snowy Salvation
Joined: 01 Nov 2007
Posts: 4673 | TRs
|
| neek wrote: |
| There is potential server cost for encrypting traffic, since it's computationally intensive. |
| Quote: |
| But for some reason, there’s a pervasive myth that SSL is slow. That installing an SSL certificate on your site will introduce too much overhead and slow things down. That might’ve been the case more than a decade ago |
- Source
When coupled with HTTP/2 sites load faster than ones without https + HTTP/2.
| neek wrote: |
| But making it optional at first (i.e. not redirecting everything to https) would ease the transition. |
In theory, yes. However Chrome forces non secure images to load from https which can be seen in the console errors; hence guarantee breaking all images. Without TSL/SSL there doesn't seem to be a work around.
| neek wrote: |
| Although I understand the appeal, your html cut and paste method is problematic for several reasons. |
Although using a DOM inspector to extract trip reports could work, highlighting + copying reports straight into the editor is by far the easiest way to replicate TRs. TinyMCE also supports this. Display wise it not only plays well for the end user but also promotes NWHikers via a new tab in lightbox for each image. To this day NWHikers has a superior image insert button compared to most sites in terms of image insertion.
--------------
· TrailTopo |
|
| Back to top |
|
|
neek
Member
Joined: 12 Sep 2011
Posts: 1512 | TRs
Location: Seattle, WA
|
| Josh Lewis wrote: |
| When coupled with HTTP/2 sites load faster than ones without https + HTTP/2. |
To be clear, I'm talking about $$ for the site operator, not user experience. It depends on the hosting provider. Some simply charge more for encrypted traffic.
| Josh Lewis wrote: |
| To this day NWHikers has a superior image insert button compared to most sites in terms of image insertion. |
Isn't that funny? But many people agree. Sometimes simpler is better. |
|
| Back to top |
|
|
Josh Lewis
Snowy Salvation
Joined: 01 Nov 2007
Posts: 4673 | TRs
|
| neek wrote: |
| To be clear, I'm talking about $$ for the site operator, not user experience. It depends on the hosting provider. Some simply charge more for encrypted traffic. |
Ah, I see.
| neek wrote: |
| sn't that funny? But many people agree. Sometimes simpler is better. |
For some reason developers have this mysterious belief that adding a bunch of steps somehow makes the editing experience better. This is why I've avoided Gutenberg for WordPress 5. I love having many options; but when it's enforced to a point of difficulty it no longer creates a nice experience even to a seasoned user.
--------------
· TrailTopo |
|
| Back to top |
|
|
Matt Lemke
High on the Outdoors
Joined: 15 Jul 2010
Posts: 1984 | TRs
Location: My van
|
What are your thoughts Tom? I can send some screenshots if you'd like... looks like this is mainly a issue for just browsers on windows 10 devices for now, but that's a huge percentage of users, and it'll likely get worse.
Thanks
--------------
The Pacific coast to the Great Plains = my playground!!!
SummitPost Profile
See my website at:
http://www.lemkeclimbs.com |
|
| Back to top |
|
|
Tom
Admin
Joined: 15 Dec 2001
Posts: 16674 | TRs
|
| I could fairly easily implement SSL for the site hosting the thunbnails. Would that solve your issue? |
|
| Back to top |
|
|
Matt Lemke
High on the Outdoors
Joined: 15 Jul 2010
Posts: 1984 | TRs
Location: My van
|
|
| Back to top |
|
|
Matt Lemke
High on the Outdoors
Joined: 15 Jul 2010
Posts: 1984 | TRs
Location: My van
|
|
| Back to top |
|
|
downwardbound
Member
Joined: 26 Oct 2020
Posts: 1 | TRs
Location: new hampshirew
|
It's important to remember that new registrations are being added to the site all the time. The information people are sharing is not protected. http requests are NOT encrypted during the sign up process. Hopefully no one is using the actual password from their email acct when they sign up here!
Without a digital certificate form data is vulnerable. That should be addressed immediately. Certs are cheap. Not sure who's in charge but it appears as if this has been an ongoing issue for quite some time.
Peter |
|
| Back to top |
|
|
Joey
verrry senior member
Joined: 05 Jun 2005
Posts: 2332 | TRs
Location: Redmond
|
+1 for Let's Encrypt
I use those certs on my domains.
The auto renewal works fine. |
|
| Back to top |
|
|
zimmertr
TJ Zimmerman
Joined: 24 Jun 2018
Posts: 152 | TRs
Location: Seattle
|
|
| Back to top |
|
|
zimmertr
TJ Zimmerman
Joined: 24 Jun 2018
Posts: 152 | TRs
Location: Seattle
|
|
| Back to top |
|
|
Tom
Admin
Joined: 15 Dec 2001
Posts: 16674 | TRs
|
Doesn't sound like it will impact on sites without SSL, other than a redirect back to http, or did I misread?
I asked mcaver a few months ago if he could research upgrading us to https but he was swamped with other things, so I don't see it happening in the near future. |
|
| Back to top |
|
|
|
|
