[Security] "... introducing yourself ..." In lobby links to the unsecured Hedgewars website.
Thu, 2019-12-12 10:11
The link to the introduction thread in the "Let us know more about you by introducing yourself! :D" line provided on the online lobby sends players to the unsecured side of Hedgewars. Hackers might take chance here by asking new players to make an account and introduce themselves on the unencrypted site, or etcetera.
Is this fine?
If it is then okay, I just making sure about it.
╟───NW──────┼──────N╢
╓──────────────────╖ ╓──────────────────╖
⠀HP: ██████████ 1E9/1E91E9/1E9 ██████████ :MP
╙──────────────────╜ ╙──────────────────╜
Do you mean http:// vs https://?
Well, in that case, you are almost correct. You just picked the wrong link.
The introduction link in the MOTD is:
https://hedgewars.org/hello
But there's still a http:// link in the MOTD:
http://www.hedgewars.org/node/1312#move
Yes, this should be fixed, there is no reason to use the http:// link. Thanks for noticing.
Hi, I am a Hedgewars developer.