Of course, and that's what we're looking to do - which is easy if we disallow remote content... was trying to work around that a bit as posting remote content helps a community thrive in many instances.
It's still on my list of things to look into either this week or early next week. At the absolute very least we can force the login POST action to always go over an encrypted connection (for the client <> server password exchange) which is better than nothing... outside of the browser warnings...
Thank you for the responses. We'll likely leave this as is for now, securing the login page, but it would be a nice addon or standard feature in the future for consideration considering the security implications.
Hi,
We're looking to move a XF installation to be 100% secure (eg. everything behind SSL) but issues persist due to user content that is served from non-secure URL's. Is anyone aware of a solution to this that already exists - such as caching the content and then serving securely?
To be...
Hi,
We've recently migrated from VB to XF and have since noted an issue with converted posts. Our (converted) posts with quoted text now have the following BB code stored:
[FONT=Trebuchet MS][SIZE=11px][SIZE=13px][FONT=Verdana][CODE]