toggle cbox
STAFF SEARCH
all coding questions belong in our CODING HELP forum, please! as always, keep in mind that we DO NOT ALLOW REQUESTS OF ANY KIND, THIS INCLUDES REQUESTS VIA PM.
shine is a coding-centric resource forum with a focus on helping people like yourself learn how to code! we offer premade templates and skins, as well, we have tons of tutorials and a helpful staff that will answer any questions you have.
ADMIN
LAUZKRISTA
GLOBAL
CHEYHANNAHJOSIESOPHIE
CODING
EVVIETAYTER
PEACEKEEPING
ELENA
GAMEMAKER
BREVAL
ADVERTISING
ALYSSA
the skin and graphics were all created by HANNAH & LAUZ explicitly for SHINE and should not be replicated in any way; please do not derive inspiration from this skin. all work and materials found on this site belong to their respective owners and should not be stolen or recreated in anyway.
SEPTEMBER 11TH please welcome elena to the peacekeeping team!

AUGUST 27TH please welcome tayter to the coding team!

AUGUST 18TH please welcome evvie to the coding team!

LOVED ONES
STAFF SITES

 
closed
New Topic
New Poll

 Shine and HTTPS
aka disco
MEMBER
HTTPS is quickly becoming standard for web browsing, at least with Chrome users as Chrome is marking all non-HTTPS sites as not secure, and limiting features for non-HTTPS sites. I ran into this issue with my code that converts Jcink alerts to browser notifications. Many users are using it on their non-HTTPS boards and finding that it's not working, or early adopters found that it stopped working completely

Good news: Jcink has already enabled HTTPS and every board has an SSL certificate!

the bad news: You have to change your site links to http://<boardname>.jcink.net as *.b1.jcink.com is a legacy url and does not have SSL.

If you view shine with HTTPS, https://shine.jcink.com, the cbox doesn't load nor do the web fonts.

That's easy enough to fix - just update the URLs in your wrappers and CSS to use https (because you can't load HTTP stuff on HTTPS when its embedded in your HTML).

Other things might break like images. Images also have to hosted on a host with HTTPS enabled. Photobucket supports this. Tinypic does not.

Just FYI since a lot of us use Chrome browser and Chrome is the one spearheading these HTTPS changes.

If anyone wants help converting over to HTTPS, feel free to message me.


aka bre
GAMEMAKER
DAVID KING.747 posts gallery EXPERIENCED prefers she/her
i mean not everyone uses chrome though? maybe 50% of users use chrome and the others are mostly using firefox (some opera, explorer, etc people as well). so telling everyone they need to go to https because it makes things easier on chrome is kinda dumb rip since it's not really affecting any other browser.

i, personally, do use chrome and i haven't found anything going wrong code wise or layout wise on sites that use http or https. the only thing is that 'not secure' label that you get but imo it's pretty easy to ignore. i don't even notice it half the time tbh. all the jcink alerts work normally for me and idk how many people would want to be having their jcink alerts pushed to their browser notifications? i know i wouldn't want browser notifications, i'd prefer just the ones already on site - in fact i turn most of the jcink ones off besides to my parent account (for sites with multiple accounts). so i get it being an issue with browser notifications, but i don't know many sites that have that enabled or as an options which means idk how plausible it would be to make everyone change to https when http works just as well besides the 'not secure' label.

https also doesn't allow for domains to be used either which sites that have a steady userbase typically have, so that's likely why not many people have transitioned to the https.

as for shine and why it likely won't happen is there's simply too many things that would need to be changed and it's not that plausible in the long run if things still work for a majority of people. this current skin was coded on chrome and shouldn't have any issues functioning on chrome. previous and future skins are usually coded primarily on firefox and occasionally on chrome, but as long as the correct cross-browser coding are used, there hasn't been many issues outside of some small coding malfunctions.





jan 2018
happy new year friends!

aka hannah
GLOBAL
DONNA TROY.1520 posts gallery INTERMEDIATE prefers
suggesting that we need to change our site's coding to make your code work is the same as if someone suggested we had to change class names in our css because they were trying to use that same class name in their thread template even though ours was clearly pre-existing.

generally, if someone needs outside help fixing how a template works, that's what coding help is for. anything beyond that is the coder's own responsibility. there's nothing wrong with how shine works or how our codes are hosted, and if there were then the entire staff and other members would have said something by now.




aka disco
MEMBER
SSL is becoming the standard for all browsers, not just Chrome, though Chrome is the one driving the standard.

Any site that a user inputs a password will be mandatory to do over SSL

It's not that my codes won't work. It's the fact that ALL Jcink sites won't work soon unless they're viewed via HTTPS. That's why Jcink already made the changes. That's why all new Jcink boards are default enabled for HTTPS instead of HTTP.

Its not a matter of if Shine does this. It's a matter of when. The only thing you have to do is make sure all your external links that get embedded (CSS, Javascript, images, music) is coming from an HTTPS link. Otherwise they don't show up.

What I mean by when though is that soon (maybe less than a year?? these changes are being pushed out fast, plus it's kinda my job to keep up with browsers, I write Javascript libraries and frameworks for a living), if you go to http://<site>.jcink.net or http://<site>.b1.jcink.com - you might not see images (http might be retired for embedded resources, and everything will have to be embedded via https only), you might not get fonts (because google fonts might not be available over http, but you just change the links from http to https and it works, but your browser link has to be https too to load https resources on it), but you will definitely NOT be able to log in ANYWHERE on your site. No cbox, no admin panel (definitely no admin panel), no users, no registration because Jcink upgraded their resources to work over HTTPS so when HTTPS is the standard for any site with a password (any... not just this site, but ALL sites), you don't get a hundred users unable to use the site over HTTP, more when Firefox, Safari, and Edge adopt the standard.

50% of users is massive. Professionally, something that affects just 10% of users is massive.

It's not about me though. It's not about my codes (my bad for using cutting edge browser features. But hey, you might get my browser notifications as a Jcink feature soon, so hey!). It's about functionality of the site -- everyone's site. I don't even run public Jcink board now. I have a premium account that I test things on... in all browsers, not just Chrome.

There's a reason John got free SSL certificates for all the sites. So you can use https://<site>.jcink.net as your URL instead of http://<site>.jcink.net (https://<site>.b1.jcink.com isn't available, he didn't get SSL certificates for b1.jcink.com)

But if you start using https now on your URLs, you'll see that some things are broken. It is my professional suggestion that you start using https NOW instead of LATER because once the first guest complains they can't login anymore because the site is being served over http, and the fix is to for the user to go to https instead http, and site's cbox and font's and images and anything external/embedded that isn't also served over https (the URLs in your wrappers and mini-profiles) doesn't show up. Just put a redirect script in your wrappers for now (which is the Official Jcink solution to this) to redirect http to https until he gets the "push button switch" in the admin panel working for everyone that is the server-side redirect. I'll write a script for it right now if you want (give me 30 minutes).

Like i said before, this was more of an FYI of things that are to come, as I am already experiencing it when I try to use the latest browser technology to make new features. This is just an attempt to get someone to look at the site on the HTTPS url, make note of what's broken over HTTPS (I already pointed out the cbox, and the fonts, but images were brought up on the Official Jcink forum because TinyPic urls don't work on https, but photobucket urls do), and be ready for when it starts, which will be within the year when Chrome rolls it out, which will take down 50% of your users, and then Firefox users, Safari users, Edge users...

I brought it to Shine's attention because since Shine is a Jcink Coding hub, and this is something that will affect all Jcink coders, not just Shine... something that will affect any kind of skinner, web developer, anyone who runs a site that requires a password (or personal information like credit card numbers, etc), then it'd help everyone future-proof their sites and have a resource to come to if they need help future-proofing their Jcink site.

But don't mind me. I just want everyone to change their site so that my codes work.

/s

Edit: I'll just leave this here. Make note of the date.. https://forum.jcink.com/index.php?showtopic=27295


aka lauz
ADMINISTRATOR
DWIGHT FAIRFIELD.11014 posts gallery ELITE prefers she/her
the way in which you approached this topic was arrogant and condescending, at best, so you need to be a bit more aware of how you attempt to convey your concern to us. rather than politely suggesting, your intention appeared to be demanding that we change over, not actually for our own benefit, but for yours. this was already a topic that i'd been looking into myself and was making the preparations to try and work things out--i thank you for your concern, regardless, but perhaps look back and consider the tone you've used and absolutely elitist it sounded. the only issues we're going to have now is that the site is still not secure because of various images being hosted, and i cannot go and demand everyone change their images just so the site will be deemed secure; that is an absolute impossibility with how big the site is and how many members we have that don't even log in anymore. i have also implemented a redirect script, so thank you for the--frankly, sarcastic--offer but it is not required. this is going to be closed and archived and, again, i would suggest you reconsider the way in which you present yourself to people, as this whole interaction was absolutely unappealing.





user posted image user posted image user posted image user posted image user posted image user posted image
aka lauz
ADMINISTRATOR
DWIGHT FAIRFIELD.11014 posts gallery ELITE prefers she/her
COMPLETED/DEAD

thank you for suggesting or asking a question!





user posted image user posted image user posted image user posted image user posted image user posted image
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

options
closed
New Topic
New Poll