Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Blog
Q&A
Posts Tags Edits
Ask Question

Welcome to Codidact Meta!

Codidact Meta is the meta-discussion site for the Codidact community network and the Codidact software. Whether you have bug reports or feature requests, support questions or rule discussions that touch the whole network – this is the site for you.

Comments on Allowing arbitrary image links causes security warnings

Parent

Allowing arbitrary image links causes security warnings

+1
−0

screenshot

This question's page shows up as not secure on my computer.

I believe it is due to this answer. When I look in the console, it warns that the images on it were loaded insecurely (since the image link is http instead of https).

Console log

I can understand if you don't want to host all the images yourselves (hosting costs money), but having unsecure pages doesn't really inspire confidence.

feature-request images security
posted about 4 years ago
4y ago
user card
Moshi‭
101 48 682 242
History
Why does this post require attention from curators or moderators?
You might want to add some details to your flag.
Why should this post be closed?

1 comment thread

General comments (1 comment)
Post
+3
−0

Codidact is set up for image hosting. It doesn't cost much at the current level of usage. However, if a user puts in a link we don't currently prevent that (may or may not be advisable to allow 3rd-party image hosting, that is a separate discussion) and that combines with, in this case, the 3rd-party image hosting not having a valid certificate and, therefore, the link is http: and can't be changed to https: without causing errors for everyone.

Markdown, for better or worse, lets people who know how to use it insert image links like these. Not sure of the solution - but the problem is not "don't want to host all the images yourselves".

posted about 4 years ago
user card
manassehkatz‭ staff
20 29 235 23
History
Why does this post require attention from curators or moderators?
You might want to add some details to your flag.

1 comment thread

General comments (2 comments)
General comments
Moshi‭ wrote about 4 years ago
copy link

"may or may not be advisable to allow 3rd-party image hosting, that is a separate discussion" I see... should I edit my post to allow discussion of whether to block 3rd-party images? Or should I just make another post for it

Monica Cellio‭ wrote about 4 years ago
copy link

To explain how it got there in this case: someone provided a link to an image in a comment, I wanted to incorporate the image into the answer, and I didn't want to save it just to upload it so I instead used the URL directly. When our image-upload process can accept a URL and not just a file, this problem would go away -- but until people can paste in a URL and have the image end up on our hosting, people will probably do this for expedience at times. (I didn't notice it wasn't https.)