Extension using HTTPS Anywhere database

Looking for an Extension? Have an Extension request? Post your request here for help. (Note: This forum is community supported; while there is an Extensions Development Team, said team does not dedicate itself to handling requests in this forum)
Anti-Spam Guide
Post Reply
User avatar
John connor
Registered User
Posts: 2115
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Extension using HTTPS Anywhere database

Post by John connor » Thu Mar 21, 2019 8:01 am

This is not an extension I need myself, but an idea I have for others that may have trouble with mixed content on their board using HTTPS. I use CloudFlare myself, and in its settings I have an option to fix mixed content. Apparently, CloudFlare achieves this by using the HTTPS Anywhere Firefox add-on database and something else which I don't know. So I thought rather than a user that doesn't use CloudFlare having to roll out some complicated proxy to fix non-HTTPS links, what if an extension can be created that utilizes the HTTPS Anywhere database and rewrites HTTP links that are not secure on the fly if those links have an HTTPS link available? This is in essence how CloudFlare works to fix mixed content.

Sounds like a good idea and I think it might just be achievable. Plus, it will help a lot of people out who suffer with mixed content warnings, and the extension should be relatively simple. If I knew PHP and how to code phpBB extensions I'd do it myself, but alas I don't.

Thanks for reading and your consideration.

Senky
Extension Customisations
Extension Customisations
Posts: 2123
Joined: Thu Apr 30, 2009 8:49 pm
Name: Jakub
Contact:

Re: Extension using HTTPS Anywhere database

Post by Senky » Thu Mar 21, 2019 8:42 am

Funny that you ask just now when I recently created Mixed Content Fixer extension which (apart from the other attempts) implements HTTPS proxy directly - no settings, no additional installations. It is paid, but for as low as a handful of change, though. :)

User avatar
John connor
Registered User
Posts: 2115
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: Extension using HTTPS Anywhere database

Post by John connor » Fri Mar 22, 2019 8:33 am

How does it proxy and HTTPS the links, and is it only for images?

Senky
Extension Customisations
Extension Customisations
Posts: 2123
Joined: Thu Apr 30, 2009 8:49 pm
Name: Jakub
Contact:

Re: Extension using HTTPS Anywhere database

Post by Senky » Fri Mar 22, 2019 8:45 am

John connor wrote:
Fri Mar 22, 2019 8:33 am
How does it proxy...
It uses built-in proxy with 1-day cache layer. I plan to add option to disable cache layer as well as use external proxy.

John connor wrote:
Fri Mar 22, 2019 8:33 am
...HTTPS the links...
It doesn't change link since links don't cause mixed content warnings.

John connor wrote:
Fri Mar 22, 2019 8:33 am
...is it only for images?
Yes, for now. But support for other formats can be adde easily (although I can't imagine proxying video, that would break your server fast probably).

fagbutlil
I've Been Banned!
Posts: 77
Joined: Wed Mar 07, 2018 10:56 pm

Re: Extension using HTTPS Anywhere database

Post by fagbutlil » Tue Mar 26, 2019 11:45 pm

I use this https://github.com/phpbb-de/phpbb-ext-e ... -as-linkno more mixed contents for me any more either.

User avatar
John connor
Registered User
Posts: 2115
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: Extension using HTTPS Anywhere database

Post by John connor » Sat Jun 15, 2019 1:09 am

I get a 404 with that link.

Mellx1
Registered User
Posts: 7
Joined: Fri Feb 08, 2019 7:45 am

Re: Extension using HTTPS Anywhere database

Post by Mellx1 » Sat Jun 15, 2019 1:57 am


User avatar
canonknipser
Registered User
Posts: 1995
Joined: Thu Sep 08, 2011 4:16 am
Location: Germany
Name: Frank Jakobs
Contact:

Re: Extension using HTTPS Anywhere database

Post by canonknipser » Sat Jun 15, 2019 7:13 am

Greetings, Frank
phpbb.de support team member
English is not my native language - no support via PM or mail
New arrival - Extensions and scripts for phpBB

dingus33
Registered User
Posts: 68
Joined: Fri Sep 29, 2017 11:11 am

Re: Extension using HTTPS Anywhere database

Post by dingus33 » Sat Jun 15, 2019 11:29 pm

i personally couldn't care less about mixed content warnings. i think it's good that browsers make you aware of mixed content issues, but imho, it's not the responsibility of our forums to "fix" these warnings just for the sake of having no warnings display. mixed content isn't necessarily a problem.

however, i think proxying all external images (and other embedded resources) is a useful feature for privacy reasons. if it's a forum where privacy is paramount, it's a good idea to shield your users from surveillance by any and all monitoring by external servers via client requests. i think it's a shame that such extensions/efforts are presented primarily as a solution to mixed content warnings -- the real solution to this 'problem' is user education about what these warnings actually mean.

and yes, i do think that having an extension that rewrites links in posts (if possible) like the EFF's HTTPS Everywhere (not 'anywhere') tool is a great idea. if there is a https version of a link/resource available, it's probably in your users' best interests to use it. but it's not a replacement for image proxying. https-everywhere and image proxying are solutions to two related problems and could be used separately or in tandem.

also potentially of interest to some forums: removing referer from request headers so that when users follow links to external sites, the external site isn't aware that the user came from your forum. implementing this correctly however could require a redirector on a separate domain. that way, i think you can take care of Origin too.

User avatar
John connor
Registered User
Posts: 2115
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: Extension using HTTPS Anywhere database

Post by John connor » Sun Jun 16, 2019 6:21 am

I have a BBcode for omitting the referrer. If you want it I can post it.

Mixed content is in fact the responsibility of the website owner and should be taken care of. This site has done that and so do I using CloudFlare. But to those that don't use CloudFlare, an extension that can utilize the HTTPS Everywhere database would be nice.

Holger
Registered User
Posts: 1739
Joined: Tue Mar 12, 2002 3:54 pm
Location: Hannover

Re: Extension using HTTPS Anywhere database

Post by Holger » Mon Jun 17, 2019 7:35 am

dingus33 wrote:
Sat Jun 15, 2019 11:29 pm
i personally couldn't care less about mixed content warnings. i think it's good that browsers make you aware of mixed content issues, but imho, it's not the responsibility of our forums to "fix" these warnings just for the sake of having no warnings display. mixed content isn't necessarily a problem.
It is very annoying for your users and does not add to the good user experience.
So I try to fix such things as much as possible.

Post Reply

Return to “Extension Requests”