security risk: no http->https redirection on spotternetwork.org

Discussion in 'Bug Reports & Feature Requests' started by James Hammett, Jun 23, 2018.

  1. James Hammett

    Joined:
    Sep 25, 2006
    Messages:
    255
    Likes Received:
    43
    I noticed http://www.spotternetwork.org/login doesn't redirect to https. This is a security risk since it's prompting you to enter your credentials over an insecure connection. The SpotterNetwork app links to http rather than https for reporting so each time I have to change the URL before logging in.
     
  2. John Wetter

    John Wetter SN President
    Staff Member

    Joined:
    Dec 11, 2005
    Messages:
    740
    Likes Received:
    29
    Thanks James. Yes, we had a redirect there but it was causing other issues. The latest version of the SN app sends all data via HTTPS.
     
  3. James Hammett

    Joined:
    Sep 25, 2006
    Messages:
    255
    Likes Received:
    43
    Ah, I figured the newer app might link to HTTPS. Unfortunately I had a problem with it and had to revert. Don't recall exactly what it was but it involved dependencies and a ton of errors popping up.
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice