Trains.com

Subscriber & Member Login

Login, or register today to interact in our online community, comment on articles, receive our newsletter, manage your account online and more!

Images Showing Up As Broken Links

1396 views
14 replies
1 rating 2 rating 3 rating 4 rating 5 rating
  • Member since
    July 2009
  • From: Newmarket, ON Canada
  • 334 posts
Posted by Aralai on Friday, November 19, 2021 2:39 PM

AEP528

That's not a completely true statement. HTTPS does nothing to prevent cyber attacks.  Malware can just as easily come over a secure connection as an insecure one. In fact, most phishing and scams intentionally use properly signed certificates for just that reason. What it does is prevent the reading of data in transit, with the main pupose to prevent theft of personal information. 

Good point and that's true. I guess my concern was more that it's not good practice to allow insecure content without understanding the risks. It's probably not a huge issue here with images and youtube videos - more so if you are using logons and passwords that could be intercepted and used to compromise you.

It's the same as using a public wifi at Starbucks or an Airport. If you are not using https and better yet a secure VPN, you are open to your data being stolen.

  • Member since
    February 2008
  • 327 posts
Posted by AEP528 on Friday, November 19, 2021 2:28 PM

Aralai

It is NOT a good idea to allow insecure content. There is a reason that they no longer display insecure content. By allowing it, you are leaving yourself open to cyber attack. My day job (30+ years) is Cyber Security.

 

That's not a completely true statement. HTTPS does nothing to prevent cyber attacks.  Malware can just as easily come over a secure connection as an insecure one. In fact, most phishing and scams intentionally use properly signed certificates for just that reason. What it does is prevent the reading of data in transit, with the main pupose to prevent theft of personal information. 

  • Member since
    July 2009
  • From: Newmarket, ON Canada
  • 334 posts
Posted by Aralai on Friday, November 19, 2021 2:27 PM

AEP528

He's using a personal website that doesn't support https. While I agree that using http is problematic, figuring out how to get a certificate and install it isn't exactly the easiest thing.

That makes sense. Temporarily allowing insecure content will resolve the issue for now, but Google & Firefox will not be allowing that option for the long term, so ensuring that websites are upgraded to https is going to be needed at some point very soon. I get that it is a royal pain in the butt, especially for non technical folks, but unfortunately they need to address malware payloads that can take advantage of insecure sites and content.

I went through that with some of my older sites recently and it can be a pain. A decent hosting company will have support to make the change though.

  • Member since
    February 2008
  • 327 posts
Posted by AEP528 on Friday, November 19, 2021 2:20 PM

Aralai

You can edit your post and select Source Code <> and add the 's' to where it says 'http' so it now says 'https'

He's using a personal website that doesn't support https. While I agree that using http is problematic, figuring out how to get a certificate and install it isn't exactly the easiest thing.

  • Member since
    July 2009
  • From: Newmarket, ON Canada
  • 334 posts
Posted by Aralai on Friday, November 19, 2021 2:18 PM

AEP528

With cs.trains.com loaded (it can be anywhere in the forums) click the lock icon next to the url, then "Permissions for this site". That will open up a settings page in Edge. Find the setting for "Insecure content" and change the dropdown to Allow. 

Reload the site and your images should appear.

For Chrome users, it's "Site settings" and "Insecure content" and "Allow", for Firefox users it's "Protection settings" and "HTTPS-Only Mode" then "Don’t enable HTTPS-Only Mode"

 

It is NOT a good idea to allow insecure content. There is a reason that they no longer display insecure content. By allowing it, you are leaving yourself open to cyber attack. My day job (30+ years) is Cyber Security.

 

  • Member since
    July 2009
  • From: Newmarket, ON Canada
  • 334 posts
Posted by Aralai on Friday, November 19, 2021 2:15 PM

You can edit your post and select Source Code <> and add the 's' to where it says 'http' so it now says 'https'

Most browsers will not show insecure (ie: http) content, nor should they. It can be a serious security issue.

  • Member since
    February 2001
  • From: Wyoming, where men are men, and sheep are nervous!
  • 3,392 posts
Posted by Pruitt on Friday, November 19, 2021 2:13 PM

Thanks AEP528!

That worked.

When these bozos change settings like that, when you open the browser it should tell you, plus tell you how to reset whatever they changed. 

  • Member since
    February 2008
  • 327 posts
Posted by AEP528 on Friday, November 19, 2021 2:09 PM

It works going to your site directly because it's not mixed http/https content. Google and Microsoft probably announced their plans to make the change, but us mere users generally have no idea until something doesn't work.

With cs.trains.com loaded (it can be anywhere in the forums) click the lock icon next to the url, then "Permissions for this site". That will open up a settings page in Edge. Find the setting for "Insecure content" and change the dropdown to Allow. 

Reload the site and your images should appear.

For Chrome users, it's "Site settings" and "Insecure content" and "Allow", for Firefox users it's "Protection settings" and "HTTPS-Only Mode" then "Don’t enable HTTPS-Only Mode"

  • Member since
    February 2001
  • From: Wyoming, where men are men, and sheep are nervous!
  • 3,392 posts
Posted by Pruitt on Friday, November 19, 2021 1:57 PM

AEP528
Google Chrome and Microsoft Edge have started blocking insecure (http, not https) data by default. Your personal website is http only, so the images are blocked. My install of Firefox allows non-https content, but I can't recall if that's the default or if I set it. Chrome and Edge at least tell me the default is blocked.

You can change the site permissions in the browser to allow insecure content for cs.trains.com, and then you get a scary red "Not secure" warning by the url and the images load.

Most of the photos posted via sharing sites use https, so don't exhibit the problem.

Well that's just great! Why do they do this kind of crap without letting you know it's happening?

I have no trouble accessing my site directly. And why would clicking on the links bring the images up?

Any idea how to change the setting in Edge so I can see the images in the threads? I have no idea how to do that.

  • Member since
    February 2008
  • 327 posts
Posted by AEP528 on Friday, November 19, 2021 1:35 PM

Google Chrome and Microsoft Edge have started blocking insecure (http, not https) data by default. Your personal website is http only, so the images are blocked. My install of Firefox allows non-https content, but I can't recall if that's the default or if I set it. Chrome and Edge at least tell me the default is blocked.

You can change the site permissions in the browser to allow insecure content for cs.trains.com, and then you get a scary red "Not secure" warning by the url and the images load.

Most of the photos posted via sharing sites use https, so don't exhibit the problem.

  • Member since
    February 2018
  • From: Flyover Country
  • 5,557 posts
Posted by York1 on Friday, November 19, 2021 12:02 PM

Pruitt
Suddenly, as of the last day or so, all the images in my layout build thread (https://cs.trains.com/mrr/f/11/t/278638.aspx) are showing up as broken links in Chrome and Edge. Firefox works fine.

 

Mark, I just checked and the images appear normal.

I use Edge.

York1 John       

  • Member since
    December 2015
  • From: Shenandoah Valley
  • 9,094 posts
Posted by BigDaddy on Friday, November 19, 2021 11:57 AM

Pruitt
What bug is that?

  People report they can't post youtube videos

Henry

COB Potomac & Northern

Shenandoah Valley

  • Member since
    February 2001
  • From: Wyoming, where men are men, and sheep are nervous!
  • 3,392 posts
Posted by Pruitt on Friday, November 19, 2021 8:29 AM

What bug is that? I haven't heard about that one.

  • Member since
    November 2006
  • From: NW Pa Snow-belt.
  • 2,216 posts
Posted by ricktrains4824 on Thursday, November 18, 2021 11:59 PM

Could be the same "bug" that has snarled video links?

Ricky W.

HO scale Proto-freelancer.

My Railroad rules:

1: It's my railroad, my rules.

2: It's for having fun and enjoyment.

3: Any objections, consult above rules.

  • Member since
    February 2001
  • From: Wyoming, where men are men, and sheep are nervous!
  • 3,392 posts
Images Showing Up As Broken Links
Posted by Pruitt on Thursday, November 18, 2021 11:18 PM

Suddenly, as of the last day or so, all the images in my layout build thread (https://cs.trains.com/mrr/f/11/t/278638.aspx) are showing up as broken links in Chrome and Edge. Firefox works fine.

When I click on the "broken" links the image opens up, which seems to indicate that the link isn't the problem.

Is anyone else seeing the same thing? Any idea what may be causing it, and what can be done to fix it? 

I'm seeing the same thing in a lot of threads, but not all of them. ???

Subscriber & Member Login

Login, or register today to interact in our online community, comment on articles, receive our newsletter, manage your account online and more!

Users Online

There are no community member online

Search the Community

ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
Model Railroader Newsletter See all
Sign up for our FREE e-newsletter and get model railroad news in your inbox!