Chrome apparently does not like the Hindi Wikipedia; it does not only prevent me from accessing the page view info, the information is incorrect as well.
I did use Chrome before today. I am quite happy for Chrome to provide me with a security warning; I hate it when it prevents me to do my job.
Particularly nasty is the warning:
The site uses SSL, but Google Chrome has detected either high-risk insecure content on the page or problems with the site’s certificate. Don’t enter sensitive information on this page. Invalid certificate or other serious https issues could indicate that someone is attempting to tamper with your connection to the site.Such warnings should be taken seriously and reported but I am quite happy to use Firefox in stead.
Thanks,
GerardM
3 comments:
As far as I can see it's actually doing just fine -- it was whinging because hi.wikipedia.org was loading several JavaScript enhancements explicitly over http.
Various browsers have different behavior in this case; Firefox can throw up a scary dialog box on every page view (and even if you disable that, it still colors the URL bar as if you were on an unencrypted page). Chrome does the big scary X-ing out of the 'https', and shows you scary details in the page info popup. IE in latest versions just ignores any of the content that came over HTTP unless you opt back into it by clicking on a little bar at the bottom of the window.
In any case, I've fixed the scripts to load using protocol-independent links and all seems happier now. :)
Yeah. Mixed-content is the problem (content loading over http instead of https), and chrome is correct in warning you against it. Mixed-content is evil. It can be used to attack you while in https mode.
Fixing the content to load using protocol-relative urls, like Brion so kindly did (thank you Brion) solves the problem.
Basically, at this point in time, most of the things that cause mixed content to load are site javascript and CSS. Site admins should be chasing this stuff down when they see it :).
“I hate it when it prevents me to do my job” — well, what is does is preventing you from sending your password and your cookies to everyone on the Internet. I hate it as much as firemen preventing me from working in a burning office :-)
Post a Comment