Forms on multiple pages on this site are insecure (ie. not https)
submitted by
fosh, 04:34, 12 August 2023
TOPIC: |
maybe a bug |
STATUS: |
opened |
PRIORITY: |
high |
Description:
Multiple HTML forms on h-node.org are insecure (HTTP).
To see this, inspect the HTML on the Edit Profile page or the page that I'm using right now to submit this issue. Ie:
https://h-node.org/issues/viewall/en/1/token
Tor Browser users are warned with a pop up about this so I'm assuming that noone here cares enough about their privacy to use Tor against govt and ISP repression and data collection, which is unfortunate.
To temporarily solve this issue, I hack the HTML by changing 'http' to 'https', after which time the connection can be made securely. When using a proper browser like Tor its important the connection is secure or malicious Exit Nodes will be in a position to see or even alter what is communicated.
For the protection of valued volunteers, this ought be fixed asap.