security risk: no http->https redirection on spotternetwork.org

Discussion in 'Bug Reports & Feature Requests' started by James Hammett, Jun 23, 2018.

  1. James Hammett

    Joined:
    Sep 25, 2006
    Messages:
    248
    Likes Received:
    41
    I noticed http://www.spotternetwork.org/login doesn't redirect to https. This is a security risk since it's prompting you to enter your credentials over an insecure connection. The SpotterNetwork app links to http rather than https for reporting so each time I have to change the URL before logging in.
     
  2. John Wetter

    John Wetter SN President
    Staff Member

    Joined:
    Dec 11, 2005
    Messages:
    717
    Likes Received:
    26
    Thanks James. Yes, we had a redirect there but it was causing other issues. The latest version of the SN app sends all data via HTTPS.
     
  3. James Hammett

    Joined:
    Sep 25, 2006
    Messages:
    248
    Likes Received:
    41
    Ah, I figured the newer app might link to HTTPS. Unfortunately I had a problem with it and had to revert. Don't recall exactly what it was but it involved dependencies and a ton of errors popping up.
     

Share This Page