Jedi 571 Posted July 12, 2017 54 minutes ago, Poke said: Not sure if this was the cause, but all game bans seem to be broken It's reported. He will fix it. Share this post Link to post Share on other sites
Voymo 15 Posted July 12, 2017 Grid app: When I click on here it says this: http://prntscr.com/fuwhp1 Hearts game: Is this normal? http://prntscr.com/fuwjse Share this post Link to post Share on other sites
Admin 1638 Posted July 12, 2017 thanks for reports and updating bug list https off 2 Share this post Link to post Share on other sites
adam_ 88 Posted July 13, 2017 On 11/07/2017 at 1:03 PM, Jedi said: - tinypic doesn't support https, that's a problem, xat can't be 100% https if users are still using this service. Incorrect, tinypic and other non-ssl hosts could still be used for image hosting if xat delivered the data through their own servers (by requesting the data using their own servers, and transmitting it to the user). A historic example of xat using their own server as a gateway to image hosts can be seen in their old GetImage5.php file (http://i0.xat.com/web_gear/chat/GetImage5.php). Forcing users to adapt to an SSL supported host will only frustrate users, a very bad suggestion from you to cut Tinypic access, Jedi. Share this post Link to post Share on other sites
Stif2 152 Posted July 13, 2017 I don't know if it's related, but in the past weeks, when i try access reglinks of IDs in the same browser, in the ID box shows my id; (obviously if i try complete it, will say that the id is already registered) But when i try in the anonymous mode (google chrome), it don't show the ID box, we can proceed with the registration and finish it but it don't show the ID; (causing doubts in buyers, as example) I've noticed that it is happening with everyone and with all the IDs, so the cause it's not a reglink issue, proofs: http://prntscr.com/fpdlzz (example in the same browser) http://prntscr.com/fpdng6 (example in anonymous mode) I covered the k1 and k2 due to the fact of prntscr and imgur be a public directory. Share this post Link to post Share on other sites
Jedi 571 Posted July 13, 2017 3 hours ago, adam_ said: Incorrect, tinypic and other non-ssl hosts could still be used for image hosting if xat delivered the data through their own servers (by requesting the data using their own servers, and transmitting it to the user). A historic example of xat using their own server as a gateway to image hosts can be seen in their old GetImage5.php file (http://i0.xat.com/web_gear/chat/GetImage5.php). Forcing users to adapt to an SSL supported host will only frustrate users, a very bad suggestion from you to cut Tinypic access, Jedi. That means 2 requests -> more delay to get the image. 1 hour ago, Stif said: I don't know if it's related, but in the past weeks, when i try access reglinks of IDs in the same browser, in the ID box shows my id; (obviously if i try complete it, will say that the id is already registered) But when i try in the anonymous mode (google chrome), it don't show the ID box, we can proceed with the registration and finish it but it don't show the ID; (causing doubts in buyers, as example) I've noticed that it is happening with everyone and with all the IDs, so the cause it's not a reglink issue, proofs: http://prntscr.com/fpdlzz (example in the same browser) http://prntscr.com/fpdng6 (example in anonymous mode) I covered the k1 and k2 due to the fact of prntscr and imgur be a public directory. register.php is reading info from cookie. That's why you can register an id in anonymous mode. Share this post Link to post Share on other sites
Fiona 571 Posted July 13, 2017 @Admin Promoting a chat group doesn't work... Share this post Link to post Share on other sites
Jedi 571 Posted July 13, 2017 8 minutes ago, Fiona said: @Admin Promoting a chat group doesn't work... @Fiona he just fixed it, can you try again and tell me if it works ? Share this post Link to post Share on other sites
Fiona 571 Posted July 13, 2017 Just now, Jedi said: @Fiona he just fixed it, can you try again and tell me if it works ? Fixed. Thanks 1 Share this post Link to post Share on other sites
LaFleur 2759 Posted July 13, 2017 7 hours ago, adam_ said: Forcing users to adapt to an SSL supported host will only frustrate users, a very bad suggestion from you to cut Tinypic access, Jedi. Its time to get rid of tinypic, its an outdated image host. 1 Share this post Link to post Share on other sites
Voymo 15 Posted July 13, 2017 2 hours ago, Fiona said: Fixed. Thanks @Admin Share this post Link to post Share on other sites
Stif2 152 Posted July 13, 2017 @Jedi So if i clear my cookies it will work again? Share this post Link to post Share on other sites
Jedi 571 Posted July 13, 2017 27 minutes ago, Stif said: @Jedi So if i clear my cookies it will work again? Yep. Share this post Link to post Share on other sites
Voymo 15 Posted July 13, 2017 Is this related that all kinds of flags from FLAG power don't work at this moment of posting? Maybe there are other smileys that do not work now, further investigations needed Share this post Link to post Share on other sites
oj 471 Posted July 13, 2017 41 minutes ago, Voymo said: Is this related that all kinds of flags from FLAG power don't work at this moment of posting? Maybe there are other smileys that do not work now, further investigations needed flags work for me can you show them not working Share this post Link to post Share on other sites
Voymo 15 Posted July 13, 2017 20 minutes ago, oj said: flags work for me can you show them not working http://prnt.sc/fv96bd/direct Share this post Link to post Share on other sites
oj 471 Posted July 13, 2017 4 minutes ago, Voymo said: http://prnt.sc/fv96bd/direct ok yeah it's set for https so like a couple other things it won't work on http Share this post Link to post Share on other sites
Jedi 571 Posted July 13, 2017 16 minutes ago, oj said: ok yeah it's set for https so like a couple other things it won't work on http Well, yes and no, it should be // instead of https:// to be sure it works on http and https. 2 Share this post Link to post Share on other sites
oj 471 Posted July 13, 2017 Just now, Jedi said: Well, yes and no, it should be // instead of https:// to be sure it works on http and https. exactly, quite a few things are like that, notably youtube and a few other things Share this post Link to post Share on other sites
Voymo 15 Posted July 13, 2017 35 minutes ago, Jedi said: Well, yes and no, it should be // instead of https:// to be sure it works on http and https. it should not. The chat box + apps imo should be embedded with the https:// code and chat box embeds should be made so the embed code provided by xat is https aswell. Since the admins seemingly plan forcing https:// on all chat groups aswell, it is imo senseless to have the embeds use http still, that breaks the use of it. My idea would also be to just force https:// on sites like: xat.com/login xat.com/name xat.com/buy xat.com/powers xat.com/transfergroup xat webgear editgroup all sites with password inputs. The rest could stay http imo. No need for a https chat box + apps embed then at all anymore. Edit: Besides that "chat box" that is used for login purposes on xat.com/login e.g. Share this post Link to post Share on other sites
Majora 26 Posted July 13, 2017 23 minutes ago, Voymo said: it should not. The chat box + apps imo should be embedded with the https:// code and chat box embeds should be made so the embed code provided by xat is https aswell. Since the admins seemingly plan forcing https:// on all chat groups aswell, it is imo senseless to have the embeds use http still, that breaks the use of it. My idea would also be to just force https:// on sites like: xat.com/login xat.com/name xat.com/buy xat.com/powers xat.com/transfergroup xat webgear editgroup all sites with password inputs. The rest could stay http imo. No need for a https chat box + apps embed then at all anymore. Edit: Besides that "chat box" that is used for login purposes on xat.com/login e.g. I disagree, // is used for urls to assume the base pages protocol, so the url would automatically work for both https and http, there is no inherent need to make them https:// directly. The url should be flexible in the case that the site switches between https and http, things wont break due to mixed content errors. 6 Share this post Link to post Share on other sites
Voymo 15 Posted July 13, 2017 13 minutes ago, Majora said: I disagree, // is used for urls to assume the base pages protocol, so the url would automatically work for both https and http, there is no inherent need to make them https:// directly. The url should be flexible in the case that the site switches between https and http, things wont break due to mixed content errors. Hmm alright, good to know. I thought // makes it http in every case. My bad. Spoiler (Sorry not used to talking to people on my level, from the german community, but you guys here partly seem to be even higher than my level LOL) Share this post Link to post Share on other sites
oj 471 Posted July 13, 2017 5 minutes ago, Voymo said: Hmm alright, good to know. I thought // makes it http in every case. My bad. protocol relative url, if you load assets with // on http://xat.com it'll use http, if you load assets with // on https://xat.com it'll use https Share this post Link to post Share on other sites
Voymo 15 Posted July 13, 2017 3 minutes ago, oj said: protocol relative url, if you load assets with // on http://xat.com it'll use http, if you load assets with // on https://xat.com it'll use https Actually lit Share this post Link to post Share on other sites
Admin 1638 Posted July 13, 2017 7 hours ago, LaFleur said: Its time to get rid of tinypic, its an outdated image host. hopefully tinypic is proxied, if not add it as bug please HTTPS Back on Share this post Link to post Share on other sites
