Not be able to connect to HTTP links

For privacy reasons, I believe connection to links generated within projects and links in project descriptions using HTTP format should be terminated.

thats not a bad idea, http links can lead to some really bad sites

Like kumi said,not every Http link is a bad link to use

What do you mean by privacy reasons?

when you get the html of a site using the url block, I doubt it runs the html code... wait, it doesn't get the js code for the site, so it's actually a lot safer than you think.

Could you please elaborate this?

In general, I do not see why you may want this to happen. There is no issue with HTTP links if you do not use them and if a link uses HTTP, it just means that the information that is sent to the server is not encrypted.

No, Snap! enforces HTTPS. As such, your project's link will only be using HTTP when you type it using the HTTP protocol (or do not use any protocol at all, which will make the most popular browsers try with HTTP first).

What's the difference between a HTTP link and a HTTPS link?

gosh I feel so no-brained today

HTTP has no certified security or protection of your personal info.
https does

Note that although HTTPS websites use a secure protocol, they can do whatever evil things they want with whatever you give them.

Well if you care that much, use a filter!
Don't ban all the rest of us from using links just because you're too lazy to install a filter.

In projects, someone can write a JS function to send that person to another website. I'm saying HTTPS is safer than HTTP, and this should also apply to HTTP downloads.

Sure but Snap! is an educational website and it is important that everyone is able to learn to do every possible act and they do not have any limitation. There can be APIs which only support HTTP and users may want to be able to make requests to them.

Hi everybody!
Only note that this (http calls not allowed over https connections) is not a Snap! behavior. It is the way Internet runs!

This is not about "links", because our "url" calls are not browser links (to call those links in another browser tab). We want to call urls and get their content. And then, Internet rules are working as usual (for example, in a https page, you can't insert an image that has a "http" src).

You can find a lot of docs about this. https://www.w3.org/TR/mixed-content/#categorize-settings-object

Anyway, if you need use "http calls" for some reasons, you can do it. Yes, you can call a proxy and, easier, use http://extensions.snap.berkeley.edu/snap/snap.html

Joan

i also feel like http links can be unsafe, support (or whatever you call it i'm too used to scratch forums and this is my first post)

thanks

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.