[Security] "... introducing yourself ..." In lobby links to the unsecured Hedgewars website.

1 reply [Last post]
UltiMaxKom
UltiMaxKom's picture
User offline. Last seen 4 years 47 weeks ago. Offline
Joined: 2016-06-26
Posts: 381

The link to the introduction thread in the "Let us know more about you by introducing yourself! :D" line provided on the online lobby sends players to the unsecured side of Hedgewars. Hackers might take chance here by asking new players to make an account and introduce themselves on the unencrypted site, or etcetera.

Is this fine?
If it is then okay, I just making sure about it.

╟───NW──────┼──────N╢

╓──────────────────╖ ╓──────────────────╖
⠀HP: ██████████ 1E9/1E91E9/1E9 ██████████ :MP
╙──────────────────╜ ╙──────────────────╜

Wuzzy
Wuzzy's picture
User offline. Last seen 28 weeks 1 day ago. Offline
Joined: 2012-06-20
Posts: 1304

Do you mean http:// vs https://?

Well, in that case, you are almost correct. You just picked the wrong link. Smile

The introduction link in the MOTD is:

https://hedgewars.org/hello

But there's still a http:// link in the MOTD:

http://www.hedgewars.org/node/1312#move

Yes, this should be fixed, there is no reason to use the http:// link. Thanks for noticing.

Hi, I am a Hedgewars developer. Smile

User login

Copyright © 2004-2024 Hedgewars Project. All rights reserved. [ contact ]