| Previous :: Next Topic |
| Author |
Message |
neek
Member
Joined: 12 Sep 2011
Posts: 2221 | TRs | Pics
Location: Seattle, WA |
|
neek
Member
|
 Fri Oct 02, 2020 6:26 am |
|
|
You're right, it will soon be standard behavior (https://www.chromestatus.com/feature/4926989725073408). Most browsers have warned about this in the URL bar for years. There is potential server cost for encrypting traffic, since it's computationally intensive. nwhikers serves a lot of images. But making it optional at first (i.e. not redirecting everything to https) would ease the transition.
Although I understand the appeal, your html cut and paste method is problematic for several reasons. Unfortunately you're not going to find anything that publishes to nwhiker's custom bbcode, and I know nothing about weebly, so can't think of an alternative that wouldn't involve some custom code or manual work. I'll keep thinking about it though since I'd like to do something similar (have my own site) some day.
|
| Back to top |
  
|
|
reststep
Member
Joined: 17 Dec 2001
Posts: 4725 | TRs | Pics
|
|
reststep
Member
|
Fri Oct 02, 2020 7:55 am |
|
|
Windows 7
"The mountains are calling and I must go." - John Muir
"The mountains are calling and I must go." - John Muir
|
| Back to top |
|
|
Josh Journey
a.k.a Josh Lewis
Joined: 01 Nov 2007
Posts: 4752 | TRs | Pics
|
| neek wrote: | | There is potential server cost for encrypting traffic, since it's computationally intensive. |
| Quote: | | But for some reason, there’s a pervasive myth that SSL is slow. That installing an SSL certificate on your site will introduce too much overhead and slow things down. That might’ve been the case more than a decade ago |
- Source
When coupled with HTTP/2 sites load faster than ones without https + HTTP/2.
| neek wrote: | | But making it optional at first (i.e. not redirecting everything to https) would ease the transition. |
In theory, yes. However Chrome forces non secure images to load from https which can be seen in the console errors; hence guarantee breaking all images. Without TSL/SSL there doesn't seem to be a work around.
| neek wrote: | | Although I understand the appeal, your html cut and paste method is problematic for several reasons. |
Although using a DOM inspector to extract trip reports could work, highlighting + copying reports straight into the editor is by far the easiest way to replicate TRs. TinyMCE also supports this. Display wise it not only plays well for the end user but also promotes NWHikers via a new tab in lightbox for each image. To this day NWHikers has a superior image insert button compared to most sites in terms of image insertion.
|
| Back to top |
|
|
neek
Member
Joined: 12 Sep 2011
Posts: 2221 | TRs | Pics
Location: Seattle, WA |
|
neek
Member
|
Fri Oct 02, 2020 9:49 am |
|
|
| Josh Lewis wrote: | | When coupled with HTTP/2 sites load faster than ones without https + HTTP/2. |
To be clear, I'm talking about $$ for the site operator, not user experience. It depends on the hosting provider. Some simply charge more for encrypted traffic.
| Josh Lewis wrote: | | To this day NWHikers has a superior image insert button compared to most sites in terms of image insertion. |
Isn't that funny? But many people agree. Sometimes simpler is better.
|
| Back to top |
|
|
Josh Journey
a.k.a Josh Lewis
Joined: 01 Nov 2007
Posts: 4752 | TRs | Pics
|
| neek wrote: | | To be clear, I'm talking about $$ for the site operator, not user experience. It depends on the hosting provider. Some simply charge more for encrypted traffic. |
Ah, I see.| neek wrote: | | sn't that funny? But many people agree. Sometimes simpler is better. |
For some reason developers have this mysterious belief that adding a bunch of steps somehow makes the editing experience better. This is why I've avoided Gutenberg for WordPress 5. I love having many options; but when it's enforced to a point of difficulty it no longer creates a nice experience even to a seasoned user.
|
| Back to top |
|
|
Matt Lemke
High on the Outdoors
Joined: 15 Jul 2010
Posts: 2050 | TRs | Pics
Location: Grand Junction |
|
Matt Lemke
High on the Outdoors
|
Sat Oct 03, 2020 9:05 am |
|
|
What are your thoughts Tom? I can send some screenshots if you'd like... looks like this is mainly a issue for just browsers on windows 10 devices for now, but that's a huge percentage of users, and it'll likely get worse.
Thanks
|
| Back to top |
|
|
Tom
Admin
Joined: 15 Dec 2001
Posts: 17457 | TRs | Pics
|
|
Tom
Admin
|
Sat Oct 03, 2020 1:13 pm |
|
|
I could fairly easily implement SSL for the site hosting the thunbnails. Would that solve your issue?
|
| Back to top |
|
|
Matt Lemke
High on the Outdoors
Joined: 15 Jul 2010
Posts: 2050 | TRs | Pics
Location: Grand Junction |
|
Matt Lemke
High on the Outdoors
|
Sat Oct 03, 2020 2:35 pm |
|
|
Tom, that should work... thank you!
|
| Back to top |
|
|
Matt Lemke
High on the Outdoors
Joined: 15 Jul 2010
Posts: 2050 | TRs | Pics
Location: Grand Junction |
|
Matt Lemke
High on the Outdoors
|
Tue Oct 06, 2020 10:30 am |
|
|
Let me know if you need any help with it Tom, or when you get it done. Thanks!
|
| Back to top |
|
|
downwardbound
Member
Joined: 26 Oct 2020
Posts: 1 | TRs | Pics
Location: new hampshire |
It's important to remember that new registrations are being added to the site all the time. The information people are sharing is not protected. http requests are NOT encrypted during the sign up process. Hopefully no one is using the actual password from their email acct when they sign up here!
Without a digital certificate form data is vulnerable. That should be addressed immediately. Certs are cheap. Not sure who's in charge but it appears as if this has been an ongoing issue for quite some time.
Peter
|
| Back to top |
|
|
Joey
verrry senior member
Joined: 05 Jun 2005
Posts: 2700 | TRs | Pics
Location: Redmond |
|
Joey
verrry senior member
|
Tue Oct 27, 2020 4:03 pm |
|
|
+1 for Let's Encrypt
I use those certs on my domains.
The auto renewal works fine.
|
| Back to top |
|
|
zimmertr
TJ Zimmerman
Joined: 24 Jun 2018
Posts: 958 | TRs | Pics
Location: Issaquah |
|
zimmertr
TJ Zimmerman
|
Tue Nov 17, 2020 10:54 am |
|
|
|
| Back to top |
|
|
zimmertr
TJ Zimmerman
Joined: 24 Jun 2018
Posts: 958 | TRs | Pics
Location: Issaquah |
|
zimmertr
TJ Zimmerman
|
Tue Mar 23, 2021 10:24 am |
|
|
|
| Back to top |
|
|
Tom
Admin
Joined: 15 Dec 2001
Posts: 17457 | TRs | Pics
|
|
Tom
Admin
|
Tue Mar 23, 2021 1:59 pm |
|
|
Doesn't sound like it will impact on sites without SSL, other than a redirect back to http, or did I misread?
I asked mcaver a few months ago if he could research upgrading us to https but he was swamped with other things, so I don't see it happening in the near future.
|
| Back to top |
|
|
MCaver
Founder
Joined: 14 Dec 2001
Posts: 5125 | TRs | Pics
|
|
MCaver
Founder
|
Tue Jul 19, 2022 8:26 am |
|
|
HTTPS version of the site is now online. Sorry for the delay.
 Brian Curtis, Josh Journey, Snuffy
Brian Curtis, Josh Journey, Snuffy |
| Back to top |
|
|
|
|
