[HTTPS-Everywhere] Overriding warning about insecure form submission
Colonel Graff
graffatcolmingov at gmail.com
Fri Jun 3 06:16:17 PDT 2011
On Thu, Jun 2, 2011 at 5:36 PM, Seth David Schoen <schoen at eff.org> wrote:
> A small number of sites have hardcoded form submission targets to
> use HTTP URLs, which generates a warning that
>
> Although this page is encrypted, the information you have entered is
> to be sent over an unencrypted connection and could easily be read by
> a third party.
>
> https://www.abebooks.com/
>
> (enter an author and click "Find Book").
>
I know you cannot test this, but that error appears when booksellers try to
upload their inventory and it actually DOES prevent the upload from
occurring. After disabling the ruleset, I never had the chance to go back
and test it on my client's computer to find out why. Disabling the warning
might mislead any other booksellers who may be using HTTPS Everywhere
and selling on Abebooks since they may not understand why the upload will
not be processed. I realize that it is likely that very few people who
currently
use HTTPS Everywhere experience this behavior which is why I'm the only
person bringing the issue up, but if the number of people using it grows to
include enough people, it will likely become a major factor in their
decision
to either use or not use HTTPS Everywhere.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20110603/2dd8b537/attachment.html>
More information about the HTTPS-everywhere
mailing list