Is it possible to choose NOT to use secure connection while browsing the forum?

[engkin]

Today browsing the forum using HTTP gets redirected to HTTPS. Anyway to choose not to get redirected?

[Thaddy]

Basically no: the http page is just a redirect page to a https server protected content. Any reason why you want to browse as http?
Since the forum is scripted content that is a security risk/attack vector w/o https. Http content is only really safe serving static pages.
That doesn't mean the forum has known vulnerabilities of course, but username, password, scripting and underlying databases should always be  https.

[PascalDragon]

Also HTTPS is essentially a requirement if one wants to comply with the European GDPR as the forum is providing forms that the user is entering data in.

[Thausand]

http no can do when make fix here https://forum.lazarus.freepascal.org/index.php/topic,44413.0.html

Before can do when https://www.freepascal.org/ then click lazarus forum.

I think that also why not work mailreader and wp kind make fix. Also not work freepascal package manager and there no fix  (https://forum.lazarus.freepascal.org/index.php/topic,44955.0.html)

Is work many year http and no secure login. GDPR activate 2016 and forum not work https only made by fix day ago so i think that no reason

[rvk]

Is work many year http and no secure login. GDPR activate 2016 and forum not work https only made by fix day ago so i think that no reason

The fact that it worked for those years is not a reason why it was the 'correct way'.

Using http was just wrong (when logged in) and the forum was at fault all those years.
There where also 2 forum-urls which made the whole thing even more confusing.

I often had a mail-notification with a http-link and was prompted to login if I wanted to reply. The login was on http and was INSECURE !!!

That's why all the urls now redirect to https and to one domain-name. Consistency.

Almost all sited on the internet redirect to their https counterparts of you visit the http.
So could someone give a good reason not to use https?

As stated, the mailreader is already fixed.
Technically, the redirection could be done only if there is no ?IWantAnInsecureSite=1 in the url, but does someone really want that (for a good reason)?

[Thausand]

Using http was just wrong (when logged in) and the forum was at fault all those years.

Yes. Agree.

There where also 2 forum-urls which made the whole thing even more confusing.
I often had a mail-notification with a http-link and was prompted to login if I wanted to reply. The login was on http and was INSECURE !!!

That's why all the urls now redirect to https and to one domain-name. Consistency.

yes i know. Now not confuse more. Is good 

Almost all sited on the internet redirect to their https counterparts of you visit the http.
So could someone give a good reason not to use https?

Only when program not good work. For me is only reason. I not know reason user engkin.

I no have problem make secure website and make secure login. That good. I think change not think about basic program now make error (and need fix?) Then is late because already GPDR activate 2016, not day ago. I sorry. I mean joke but i not make good joke. 

[rvk]

I think change not think about basic program now make error (and need fix?)

What program makes an error for you?

The mailreader is already fixed so that shouldn't be a problem anymore.

[Thausand]

What program makes an error for you?

I write fppkg https://forum.lazarus.freepascal.org/index.php/topic,44955.0.html

I need write i no 100% sure is relate change http to https when fppkg say redirect error. I think is. Maybe i wrong and then i sorry.

[rvk]

What program makes an error for you?

I write fppkg https://forum.lazarus.freepascal.org/index.php/topic,44955.0.html

Yes, that should be fixed too.

[Thausand]

What program makes an error for you?

I write fppkg https://forum.lazarus.freepascal.org/index.php/topic,44955.0.html

Yes, that should be fixed too.

Thanks for help rvk. I write other thread link not confuse thread here.

[engkin]

Thank you all for your responses. It seems there is no way to choose to disable secure connections while browsing non-sensitive data.

I assume it is required to protect sensitive data, like user names and passwords for security reasons or to comply with GDPR. I have no problem with that part. Reasonable and totally understandable.

As for the reason behind my question, I can not claim to have one that is good for everyone.

Considering the forum is accessed by wide range of people, not limited to a specific geographical location, the recent change will affect some of us.

On my side, I did notice a small delay in loading pages. Like 2~3 seconds more than usual. Check the attached image. Probably I'll get used to it or find my own solution.

Also:

https://forum.lazarus.freepascal.org/index.php/topic,*/prev_next,next.html  ---> Prefetch Forbidden - 403

https://code.jquery.com/jquery-1.10.1.min.js

[rvk]

On my side, I did notice a small delay in loading pages. Like 2~3 seconds more than usual. Check the attached image. Probably I'll get used to it or find my own solution.

O, wow. Yeah, that's really slow.

Even with the cache disabled, I don't come close to those numbers.
And with caching on it is even faster.
Are you sure there isn't something in the way on your computer?

The "prev_next,next.html" might be another issue. Not sure what it does.
https://www.simplemachines.org/community/index.php?topic=507872.0

[engkin]

Tracing the route:

Tracing route to forum.lazarus.freepascal.org [37.97.187.115]
over a maximum of 30 hops:

  1     *        *        *     Request timed out.
  2     *        *        *     Request timed out.
  3   615 ms   340 ms   370 ms  10.0.165.1
  4   316 ms   379 ms   359 ms  10.198.33.209
  5   322 ms   358 ms   340 ms  10.170.221.5
  6   325 ms   379 ms   359 ms  10.170.221.10
  7   324 ms   381 ms   377 ms  10.164.162.184
  8   322 ms   381 ms   419 ms  10.164.165.57
  9   362 ms   421 ms   419 ms  10.164.165.58
 10   367 ms   437 ms   421 ms  10.177.5.52
 11   335 ms   400 ms   397 ms  10.164.165.105
 12   350 ms   379 ms   389 ms  128.177.108.241
 13   436 ms   379 ms   379 ms  64.125.29.120
 14   332 ms   376 ms   361 ms  64.125.31.22
 15   349 ms   419 ms   399 ms  64.125.14.70
 16   439 ms   520 ms   518 ms  129.250.5.193
 17   394 ms   390 ms   429 ms  129.250.2.132
 18   477 ms   507 ms   669 ms  129.250.6.163
 19   433 ms   479 ms   499 ms  129.250.4.120
 20   452 ms   479 ms   461 ms  81.20.69.186
 21   435 ms   479 ms   523 ms  157.97.168.5
 22   451 ms   519 ms   480 ms  77.72.151.127
 23   489 ms   517 ms   541 ms  77.72.151.77
 24   443 ms   578 ms   509 ms  packages.lazarus-ide.org [37.97.187.115]

[rvk]

Tracing the route:

Tracing the route shouldn't say much about http or https. Both will need to go over the same hops. So that shouldn't make the difference.

Maybe the problem is forum.lazarus.freepascal.org itself for you. In the past there was also the forum.lazarus-ide.org forum.
But forum.lazarus-ide.org is now redirected to forum.lazarus.freepascal.org.

But even so... your numbers do seem a little high.

Code: Pascal  [Select][+][-]

1. root@space01:~# traceroute -n forum.lazarus.freepascal.org
2. traceroute to forum.lazarus.freepascal.org (37.97.187.115), 30 hops max, 60 byte packets
3.  1  * * *
4.  2  * * *
5.  3  * 213.51.180.77  16.707 ms *
6.  4  * * 84.116.194.29  12.890 ms
7.  5  * * *
8.  6  * 84.116.130.97  12.598 ms  16.258 ms
9.  7  37.139.139.240  12.968 ms  12.666 ms  12.920 ms
10.  8  37.139.140.235  13.211 ms  12.246 ms  12.899 ms
11.  9  157.97.168.8  12.622 ms  12.814 ms  13.587 ms
12. 10  77.72.151.123  17.576 ms 77.72.151.121  31.437 ms 77.72.151.123  18.325 ms
13. 11  * * *
14. 12  * * *
15. 13  * * 37.97.187.115  27.303 ms
16. root@space01:~#

Code: Pascal  [Select][+][-]

1. C:\Users\Rik>tracert -d forum.lazarus.freepascal.org
2.  
3. Tracing route to server.lazarus-ide.org [37.97.187.115]
4. over a maximum of 30 hops:
5.  
6.   1    <1 ms    <1 ms    <1 ms  192.168.1.1
7.   2     *        *        *     Request timed out.
8.   3    12 ms    10 ms    17 ms  213.51.180.77
9.   4    13 ms    12 ms    10 ms  84.116.194.29
10.   5     *        *        *     Request timed out.
11.   6    11 ms    12 ms    11 ms  84.116.130.97
12.   7    12 ms    13 ms    12 ms  37.139.139.240
13.   8    12 ms    12 ms    13 ms  37.139.140.231
14.   9    14 ms    12 ms    11 ms  157.97.168.8
15.  10    27 ms    32 ms    75 ms  77.72.151.123
16.  11    23 ms    34 ms    23 ms  77.72.151.77
17.  12    11 ms    11 ms    13 ms  37.97.187.115
18.  
19. Trace complete.

[engkin]

Tracing the route:

Tracing the route shouldn't say much about http or https. Both will need to go over the same hops. So that shouldn't make the difference.

Maybe the problem is forum.lazarus.freepascal.org itself for you. In the past there was also the forum.lazarus-ide.org forum.
But forum.lazarus-ide.org is now redirected to forum.lazarus.freepascal.org.

But even so... your numbers do seem a little high.

HTTPS involves more packets/data than HTTP, which aggravates the already slightly slow connection with the forum.

Now with your figures I have a better idea about reasonable shortest period on my side.