Let TLS Wait [Paid] [Deleted]

alexD

Well-known member
How does this exactly work?
It removes the input type attribute and adds a special CSS class by using template modifications. Firefox 52 will require some JavaScript whenever the time to support it comes.

He is using javascript to get rid of the warning inserted into the page.
Clearly not, it works even if JavaScript is disabled. Pure HTML and CSS supported by the Chrome browser.
 

rainmotorsports

Well-known member
It removes the input type attribute and adds a special CSS class by using template modifications. Firefox 52 will require some JavaScript whenever the time to support it comes.


Clearly not, it works even if JavaScript is disabled. Pure HTML and CSS supported by the Chrome browser.
I suppose clearly the obfuscated JS you included isn't JS. You invited us to look at the source not install it so I can't tell what it supports lol. Didn't bother checking the XML for template modifications when something else was included that made sense.
 

alexD

Well-known member
That is indeed JavaScript, though it's not used much. Mostly cosmetic stuff.
The add-on can work without that file but the passwords will show in plaintext, in case it's missing in browsers other than Chrome.
 
Last edited:

alexD

Well-known member
That's the trick indeed to make Chrome think there are no passwords transmitting.
 

EQnoble

Well-known member
Read more about this resource...

You may inspect the code before purchasing, which can be found in the archive that is attached to this post.

You may not install or use the add-on without the proper license. Please initiate a Private Conversation with me if you would like to purchase one.
15 euro but if you want to look at the code you can do so first on the honor system I suppose.
 

alexD

Well-known member
The archive uploaded in the OP is not for production.
Only those who purchase a license may install the add-on. Clients get their own archives which are suitable for production.
 

DieselMinded

Well-known member
ill get home on monday , do i install the product you sent me then send you $?

how can i test? how do i know its working?

thanks
 

alexD

Well-known member
It's plug and play really. I'm not sure how soon will google analytics show you that the warning is gone, but the same warning is no more when using Chrome.
I'll send you a licensed copy in a while.

EDIT: Sent!
 
Last edited:

Chris D

XenForo developer
Staff member
Bit of a bad precedent in my opinion. If you're concerned about the warning, get SSL ASAP. The switch to SSL should take about 30 minutes and at most require the payment of around $10 for an SSL certificate.

I would be very cautious about trying to trick Google in this way. They clearly know already what sites are not using SSL, and what sites are currently transmitting potentially sensitive data over HTTP, I suspect they would take an incredibly dim view of any sites attempting to circumvent that with such a trick.

@Brogan has put together a Broguide that may help some of you that are unsure about the process (linked below).
 

rainmotorsports

Well-known member
For as cheap as an SSL is, trying to trick the browser and Google is a bad idea.
It's not the browser or Google that is really being tricked. It's the end user. I hadn't even thought to factor in this being paid versus the cost of a cert. Our original host would install certificates but the letsencrypt route was not available to us.
 
Top