 You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
My padlock is missing when I browse the gravel bike post.
https://singletrackmag.com/forum/topic/gravel-bike-flat-bar-drop-bar/
Seems to be OK on a random selection of other topics. Anyone else getting the same?
{Android 10, Chrome)
Aha - not secure on this post now. Looks like it might have something to do with linking to other posts.
Never mind my insecurity, where has the right hand side bar gone? Â Without that I may never visit the rest of the site again, not even tomorrows FGF
Never mind my insecurity, where has the right hand side bar gone?
Good spot!
Probably because the previously linked thread contains a non-HTTPS image. If you link to that thread, it will also embed the image in the new thread.
I've emailed the Tech guys.
Without that I may never visit the rest of the site again
There is a site?
There is a site?
Just a rumour...
Had this problem for a while now on my Kindle Fire using the Silk browser. I think it's a problem with their security certificate. I can use Chrome browser but it is not secure.
Same for me...
Probably because the previously linked thread contains a non-HTTPS image. If you link to that thread, it will also embed the image in the new thread.
Give the man a gold star, that's the right answer.
Had this on my forum recently when someone use Fuelly in their signature as it's not HTTPS. Which then turns all their theads into HTTP.
Yeah, CraigW has it.
It's not a problem with the certificate, or indeed the site. Rather, the pages served by STW are secure but links / embedding from other sites is not. Ie, there's a third party element which is being delivered over http: instead of https: The browser isn't saying that the page is insecure, rather that it's not 100% secure.
Which, I've just found and fixed. It's all hols2's fault. (-:
singletrackworld.com/forum/topic/i-still-cant-makes-sense-of-dropbars-off-road/#post-10671302
They had a link to an image explicitly forcing http even though their host site supports https so I've added the 's' into the URL and bingo bongo. The post is over a year old so it's entirely possible that the site wasn't https-enabled at the time of posting.
Curious how far down the rabbit hole I had to go to find that though. It was like three or four embeds deep.
This is the page content I get on Silk:
"<span style="font-size: 0.8rem;">singletrackworld.com normally uses encryption to protect your information. When Silk tried to connect to singletrackworld.com this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be singletrackworld.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Silk stopped the connection before any data was exchanged.</span>
<p id="final-paragraph">You cannot visit singletrackworld.com right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."</p>
This has been the same for weeks.