First  Prev  1  2  Next  Last
26307 cr points
Send Message: Send PM GB Post
29 / M / A Pale Blue Dot
Offline
Posted 3/14/17
Steam has this same problem: they seem to think securing only a portion of the site is sufficient. It is not. MitM attacks against a user browsing non-secured pages can replace links to secured areas, sending the user to the attacker's server.

Please implement sitewide HTTPS.
15 cr points
Send Message: Send PM GB Post
Offline
Posted 5/13/17
It should indeed be implemented site-wide.

Do you guys remember firesheep?
https://en.wikipedia.org/wiki/Firesheep

I'm seriously disappointed with Crunchyroll's service. HTTPS force disabled on anything non account related. Buggy manga app. Resource hogging and crash happy flash player. What are you guys doing? Fire your CTO please.
15 cr points
Send Message: Send PM GB Post
Offline
Posted 5/23/17 , edited 5/23/17
Meanwhile Firefox agrees you're doing it wrong.



Maybe Crunchyroll is deliberately trying to get accounts stolen from people using a proxy to avoid licensing problems in their area?
13826 cr points
Send Message: Send PM GB Post
☆Land of sweets☆
Offline
Posted 5/23/17
it's worth noting that Cloudflare, which CR relies on to provide content, have an entire page explaining why sites need to switch to https
https://www.cloudflare.com/ssl/
they offer free SSL as well as custom SSL. from what i recall, CR will switch to full https once they migrate the data into the new infrastructure. no time frames were given, so it could happen within a year...or after a decade or two. probably the latter.
29052 cr points
Send Message: Send PM GB Post
23 / M / Between Love and...
Offline
Posted 6/13/17
a vote of no confidence i take it...
1020 cr points
Send Message: Send PM GB Post
23 / M
Offline
Posted 10/19/17
Months on, no updates.
For a premium service this is pretty unacceptable to be honest, you can even get https certificates for free. (letsencrypt)
Also Flash, it's like CR thinks it's 2003...
108253 cr points
Send Message: Send PM GB Post
57 / M / U.S.A. (mid-south)
Offline
Posted 10/19/17

BilbyFactor wrote:

Also Flash, it's like CR thinks it's 2003...

Rather overstated. Back in 2003, Flash video was the new hotness, since it was only introduced a year prior.

It was also a big improvement over anything that came before it, which is why it became the standard for online video and has hung around so long.

1020 cr points
Send Message: Send PM GB Post
23 / M
Offline
Posted 10/19/17
My point stands, that was 14 years ago,
and it just isn't the standard anymore.
HTML5 natively allows video to be embedded.

It's not like swapping it out for a HTML5 player would be a big overhaul either, since the back end wouldn't need to change.

Flash has no place in current year.
First  Prev  1  2  Next  Last
You must be logged in to post.