Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

Klaus major-k writes: > a more appropriate page. Heh. https://major-k.de --> https://major-k.de/cgi-sys/defaultwebpage.cgi The default certificate is now owned by diesel. It's a step in the right direction, though. -- Mark Wieder ahsoftw...@gmail.com

Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

Hi all, FYI, here the response from on-rev support: ... Thank you for sending me this information. This was being caused by a glitch resulting from requesting a HTTPS page from the web server for a domain which was not configured to use HTTPS. This has now been fixed to direct to a more approp

Re: OT, https <> http | WAS Application Transport Security deadline for iOS apps

Hi Mark, > Am 12.07.2016 um 19:39 schrieb Mark Wieder : > > Klaus major-k writes: > >> I'm completely puzzled, what the hell is going on here? >> Any insights highly welcome! > > That's the problem with shared servers. > Try this in a terminal window: > > dig major-k.de > dig legacytrees.org

Re: OT, https <> http | WAS Application Transport Security deadline for iOS apps

Klaus major-k writes: > I'm completely puzzled, what the hell is going on here? > Any insights highly welcome! That's the problem with shared servers. Try this in a terminal window: dig major-k.de dig legacytrees.org -- Mark Wieder ahsoftw...@gmail.com __

Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

I’m interested in the response too. Https requests to my on-rev site also link to legacytrees.org Paul > On Jul 12, 2016, at 5:23 AM, Klaus major-k wrote: > > Hi all, > > OK, mail sent to support, wainting for a response now, I will keep you > informed! > >> Am 12.07.2016 um 13:50 schrieb K

Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

When I go to either of these pages i get: Your connection is not private Attackers might be trying to steal your information from *www.kangaroo.on-rev.com * (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID Automatically repor

Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

Hi all, OK, mail sent to support, wainting for a response now, I will keep you informed! > Am 12.07.2016 um 13:50 schrieb Klaus major-k : > > Hi Peter, > >> Am 12.07.2016 um 13:47 schrieb Peter TB Brett : >> > On 12/07/2016 12:46, Klaus major-k wrote: >>> Hi Rolf, >>> Am 12.07.2016 um 13

Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

Hi Peter, > Am 12.07.2016 um 13:47 schrieb Peter TB Brett : > On 12/07/2016 12:46, Klaus major-k wrote: >> Hi Rolf, >> >>> Am 12.07.2016 um 13:36 schrieb Rolf Kocherhans : >>> >>> If I do the same I land on artisansofscotland.com :-( >>> My original page: www.kangaroo.on-rev.com >>> >>> If I g

Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

On 12/07/2016 12:46, Klaus major-k wrote: Hi Rolf, Am 12.07.2016 um 13:36 schrieb Rolf Kocherhans : If I do the same I land on artisansofscotland.com :-( My original page: www.kangaroo.on-rev.com If I go here: https://www.kangaroo.on-rev.com I land here: https://artisansofscotland.com

Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

Hi Rolf, > Am 12.07.2016 um 13:36 schrieb Rolf Kocherhans : > > If I do the same I land on artisansofscotland.com :-( > My original page: www.kangaroo.on-rev.com > > If I go here: https://www.kangaroo.on-rev.com > I land here: https://artisansofscotland.com thanks for checking, good to know

Re: OT: https <> http | WAS Application Transport Security deadline for iOS apps

If I do the same I land on artisansofscotland.com :-( My original page: www.kangaroo.on-rev.com If I go here: https://www.kangaroo.on-rev.com I land here: https://artisansofscotland.com Whats going on ? > Am 12.07.2016 um 12:00 schrieb use-livecode-requ...@lists.runrev.com: > > Hi friend

OT, https <> http | WAS Application Transport Security deadline for iOS apps

Hi friends, I have my website at ON-REV: and inspired by the ATS discussion I was curious and just entered this into the address line of my browser: I really did not exspect anything but an error like "Not configured" or whatever, but got a

Re: Application Transport Security deadline for iOS apps

What does ATS mean for people using on-rev ? I am not at all familiar with this subject, therefor I have a couple of questions: Will it be a per person thing, do I have to install a cert just for me ? Or will LiveCode do this for all users ? Or will this be implemented into the cPanel ? > > Am

Re: Application Transport Security deadline for iOS apps

u're using WKWebView, an arbitrary connection will be allowed for >> websites that are not HTTPS-enabled." >> >> So arbitrary connections are ok in the Xcode/Swift world. >> Does the browser widget use a WKWebView on iOS? >> >> James >> >>

Re: Application Transport Security deadline for iOS apps

t world. > Does the browser widget use a WKWebView on iOS? > > James > > > > > > -- > View this message in context: > http://runtime-revolution.278305.n4.nabble.com/Application-Transport-Security-deadline-for-iOS-apps-t

Re: Application Transport Security deadline for iOS apps

on-Transport-Security-deadline-for-iOS-apps-tp4706561p4706587.html Sent from the Revolution - User mailing list archive at Nabble.com. ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and man

Re: Application Transport Security deadline for iOS apps

Paul Dupuis wrote: >>> On 12 Jul 2016, at 6:55 AM, J. Landman Gay wrote: >>> >>> I wonder what happens if your app allows general browsing with, >>> say, a browser widget? > > And this is why I think what Apple is doing - regardless of the > security benefits - is wrong. Someone tell their friend

Re: Application Transport Security deadline for iOS apps

On 7/11/2016 5:21 PM, Monte Goulding wrote: > The browser widget will be blank. > > Sent from my iPhone > >> On 12 Jul 2016, at 6:55 AM, J. Landman Gay wrote: >> >> I wonder what happens if your app allows general browsing with, say, a >> browser widget? > And this is why I think what Apple is d

RE: Application Transport Security deadline for iOS apps

dman Gay Sent: Monday, July 11, 2016 4:56 PM To: How to use LiveCode Subject: Re: Application Transport Security deadline for iOS apps On 7/11/2016 9:31 AM, Mark Waddingham wrote: > Of course, it should be pointed out here that ATS relates to app > developers writing apps *not* general

Re: Application Transport Security deadline for iOS apps

The browser widget will be blank. Sent from my iPhone > On 12 Jul 2016, at 6:55 AM, J. Landman Gay wrote: > > I wonder what happens if your app allows general browsing with, say, a > browser widget? ___ use-livecode mailing list use-livecode@lists.

Re: Application Transport Security deadline for iOS apps

On 7/11/2016 9:31 AM, Mark Waddingham wrote: Of course, it should be pointed out here that ATS relates to app developers writing apps *not* general internet usage through browsers on iOS and Mac devices. i.e. Apple are saying - "if you have control over your servers and such then we expect you to

Re: Application Transport Security deadline for iOS apps

On 2016-07-11 16:43, Richard Gaskin wrote: HTTPS serves two purposes: one is encryption of data in transport, which may or may not be truly necessary. When when a server only hosts publicly-available information it may indeed seem overkill. I'd perhaps suggest that encryption of all internet t

Re: Application Transport Security deadline for iOS apps

Peter TB Brett wrote: On 11/07/2016 15:43, Richard Gaskin wrote: Paul Dupuis wrote: On 7/11/2016 7:05 AM, Peter TB Brett wrote: ... Apple will be requiring ATS for all iOS apps submitted to the app store from the beginning of 2017. ... The "Let's Encrypt" project may be useful. https://let

Re: Application Transport Security deadline for iOS apps

On 11/07/2016 15:43, Richard Gaskin wrote: Paul Dupuis wrote: On 7/11/2016 7:05 AM, Peter TB Brett wrote: ... Apple will be requiring ATS for all iOS apps submitted to the app store from the beginning of 2017. ... The "Let's Encrypt" project may be useful. https://letsencrypt.org/ I reali

Re: Application Transport Security deadline for iOS apps

Paul Dupuis wrote: > On 7/11/2016 7:05 AM, Peter TB Brett wrote: ... >> Apple will be requiring ATS for all iOS apps submitted to the app >> store from the beginning of 2017. ... >> The "Let's Encrypt" project may be useful. https://letsencrypt.org/ > > I realize that LiveCode has no influence ov

Re: Application Transport Security deadline for iOS apps

Having a pass-through would work, it just always amazes me that "increased security" forces work arounds that in the end will decrease it. Forcing a developer to route all traffic through one hole in this manner so that they can actually keep things working basically sets up a huge clearinghouse t

Re: Application Transport Security deadline for iOS apps

On 2016-07-11 16:15, Paul Dupuis wrote: It is good to know that, at least for a time, some way to make exceptions exists. I still think, that all the benefits of HTTPS aside, taking choice away from consumers, is wrong and a "bad" move on Apple's part. They aren't taking the choice away from co

Re: Application Transport Security deadline for iOS apps

You (i.e. a developer who has one of these apps that scrapes from non-hhtp sites) could always provide a "relay" site that took https connections, made the request to the http site and then forwarded the end result. -- Alex. On 11/07/2016 15:13, Paul Dupuis wrote: On 7/11/2016 9:42 AM, Peter

Re: Application Transport Security deadline for iOS apps

On 7/11/2016 9:52 AM, Mark Waddingham wrote: > Of course, Apple will likely become more and more strict over time - > but it sounds like there is still 'plenty' of time for third-party > HTTP-only services to upgrade. I imagine there will be a great deal > less time for web services owned and contr

Re: Application Transport Security deadline for iOS apps

On 7/11/2016 9:42 AM, Peter TB Brett wrote: > If taken to court, I expect Apple would show evidence of the above and > argue that they are taking much-needed steps to ensure users' security > and safety, by making sure that the data the user receives is the same > as the data that was sent, and tha

Re: Application Transport Security deadline for iOS apps

On 2016-07-11 14:25, Paul Dupuis wrote: I realize that LiveCode has no influence over Apple, but this is one of the most bone-headed thing Apple has ever done to it's developers. There are millions of web servers out there without any logins, serving publicly available data or information, that

Re: Application Transport Security deadline for iOS apps

On 11/07/2016 13:25, Paul Dupuis wrote: I truly hope someone sues them over such censorship on 1st amendment (freedom of speech) grounds. According to my recollection of judicial precedent, the 1st Amendment of the US Constitution enjoins state and federal from prior restraint of speech, and

Re: Application Transport Security deadline for iOS apps

On 7/11/2016 7:05 AM, Peter TB Brett wrote: > Hi all, > > Many LiveCode developers currently disable (Application Transport > Security) ATS when deploying to iOS in order to access web resources > over insecure HTTP, rather than HTTPS > > Apple will be requiring ATS for all iOS apps submitted to th

Application Transport Security deadline for iOS apps

Hi all, Many LiveCode developers currently disable (Application Transport Security) ATS when deploying to iOS in order to access web resources over insecure HTTP, rather than HTTPS Apple will be requiring ATS for all iOS apps submitted to the app store from the beginning of 2017. At that po