Discuss Scratch
- Discussion Forums
- » Bugs and Glitches
- » Images with HTTP on Scratch Forums cause "Not secure" warning
![[RSS Feed]](//cdn.scratch.mit.edu/scratchr2/static/__9c6d3f90ec5f8ace6d3e8ea1e684b778__//djangobb_forum/img/feed-icon-small.png "[RSS Feed]")
![[RSS Feed]](http://cdn.scratch.mit.edu/scratchr2/static/__9c6d3f90ec5f8ace6d3e8ea1e684b778__//djangobb_forum/img/feed-icon-small.png "[RSS Feed]"){kind=icon}
- Ezlambry
-
Scratcher
100+ posts
Images with HTTP on Scratch Forums cause "Not secure" warning
While browsing the Scratch discussion forums, on one page I noticed that in the top left of my browser, it said “Not secure,” even though I knew that I was connected to an HTTPS connection. So, I opened up the console, it said:
I looked at one of the image's sources, and sure enough, the cubeupload URL started with "http://“ instead of ”https://“.
While I believe this should be fixed on cubeupload's end, I think that it should be required that images start with ”https://" when putting them into posts & signatures or automatically change whenever you submit a post, because cubeupload already supports HTTPS, it just gives you the HTTP link.
My browser / operating system: Windows NT 10.0, Chrome 84.0.4147.125, No Flash version detected
Mixed Content: The page at '<URL>' was loaded over HTTPS, but requested an insecure image '<URL>'. This content should also be served over HTTPS.
A cookie associated with a cross-site resource at http://cubeupload.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
While I believe this should be fixed on cubeupload's end, I think that it should be required that images start with ”https://" when putting them into posts & signatures or automatically change whenever you submit a post, because cubeupload already supports HTTPS, it just gives you the HTTP link.
My browser / operating system: Windows NT 10.0, Chrome 84.0.4147.125, No Flash version detected
- Discussion Forums
- » Bugs and Glitches
-
» Images with HTTP on Scratch Forums cause "Not secure" warning