Conversation

Notices

1. Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 06:54:31 JST Foone🏳️‍⚧️

   I discovered a fun way to break chrome today!

   <a href="http://foobar.egg/blah">somelink</a>

   Set up foobar.egg so that it has both HTTP and HTTPS set up, but they lead to different places or HTTPS returns a 404/403.

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 06:55:39 JST Foone🏳️‍⚧️

     in reply to

     Firefox will actually follow the link as written.

     Chrome rewrites it to be https://foobar.egg/blah, so it breaks.

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 06:58:12 JST Foone🏳️‍⚧️

     in reply to

     I found this out on accident by linking to an old site which had the HTTPS version be broken. I naturally linked to the working HTTP version, but pretty quickly someone complained the link was broken. It's not, it's just that your browser isn't paying attention to the link I actually wrote.

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:01:27 JST Foone🏳️‍⚧️

     in reply to

     the part of the modern browser I'm most pissed off at is the part that wants the past to die as fast as possible.

     The web is always decaying already and surviving sites are rare enough as it is, please stop trying to actively destroy the past.

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:05:00 JST Foone🏳️‍⚧️

     in reply to

     it'd be almost amusing to set up a site intentionally like this. Like tell everyone to link to the HTTP version, but provide a "stop using chrome" page on the HTTPS version.

     I say "almost" amusing because you could just sniff the UA and that's way easier and more reliable

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:13:16 JST Foone🏳️‍⚧️

     in reply to

     • Raven667

     @raven667 tested: it breaks there too

   • Raven667 (raven667@hachyderm.io)'s status on Sunday, 24-Dec-2023 07:13:17 JST Raven667

     in reply to

     @foone is this with Firefox HTTPS-only mode enabled as well? I suppose I could be less lazy and set up this test case myself...oh well I guess I'll never know...😊

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:17:19 JST Foone🏳️‍⚧️

     in reply to

     it breaks if you turn on firefox's HTTPS-only mode, and in the same way

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:21:39 JST Foone🏳️‍⚧️

     in reply to

     like I get the reason for wanting to do this, but it does mean (much like the "you can't download files from HTTP sites" change) that a bunch of old sites break.

     Yeah it's annoying that modern, maintained sites might have to make a quick change, but it also means that a lot of old websites are just dead now

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:23:39 JST Foone🏳️‍⚧️

     in reply to

     and as much as I understand why they're doing it, as an archivist I hate to see any company with as much power over the web as google to decide that they care more about making the modern web slightly more secure than keeping the old web STILL WORKING AT ALL

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:25:26 JST Foone🏳️‍⚧️

     in reply to

     anyway the workaround is that you have to specify the port.

     <a href="http://foobar.egg:80/"> works

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:29:46 JST Foone🏳️‍⚧️

     in reply to

     • William D. Jones

     @cr1901 that still works. and it doesn't seem to have https set up, which keeps it from getting redirected

   • William D. Jones (cr1901@mastodon.social)'s status on Sunday, 24-Dec-2023 07:29:47 JST William D. Jones

     in reply to

     @foone What happens with
     http://gopher.wdj-consulting.com:70?

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:31:28 JST Foone🏳️‍⚧️

     in reply to

     at least for chrome. firefox still rewrites in https-only mode, instead of giving you a "no HTTPS available" error

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:39:55 JST Foone🏳️‍⚧️

     in reply to

     • Ryan Castellucci :nonbinary_flag:

     @ryanc it was. thanks. fixed.

   • Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 24-Dec-2023 07:39:56 JST Ryan Castellucci :nonbinary_flag:

     in reply to

     @foone Things these days are cursed enough that I'm honestly not sure whether href-" is a typo or not.

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 07:41:52 JST Foone🏳️‍⚧️

     in reply to

     • nobody you care about

     @SnepperStepper yeah I've thought about doing that. like stuffing the mozilla engine into some designed to make it look like Netscape 4

   • nobody you care about (snepperstepper@mastodon.social)'s status on Sunday, 24-Dec-2023 07:41:53 JST nobody you care about

     in reply to

     @foone i'd love to see a browser developed that mimics the old versions, that can run on a modern computer or an old computer the same. I'd think you might have to tune out things like shopify and things that rely on chrome but like, no big loss let's be real. Websites developed old skool are really the only ones worth visiting.

   • nobody you care about (snepperstepper@mastodon.social)'s status on Sunday, 24-Dec-2023 08:07:06 JST nobody you care about

     in reply to

     @foone is that gonna run on my windows 98 setup?

   • Foone🏳️‍⚧️ (foone@digipres.club)'s status on Sunday, 24-Dec-2023 08:07:06 JST Foone🏳️‍⚧️

     in reply to

     • nobody you care about

     @SnepperStepper probably not no.
     the last time I used firefox (2.0) on windows 98, I googled "where is pee stored?" and the results page crashed the whole PC