Wrongful popup with warning about "unsecured HTTP page"

Options
hakesson
hakesson
Community Member
in Mac

When I go to fonts.com and click on "member sign-in" and then uses 1Password to fill in the user name & password it shows a warning popup about "unsecured HTTP page". But if you look at the code for the page the actual sign-in is done using HTTPS.

Please fix this problem.

Comments

  • littlebobbytables
    littlebobbytables
    1Password Alumni
    Options

    Hi @hakesson,

    If I visit http://www.fonts.com and click on the member sign in button to bring up the login window this all happens on an http page. As you're filling in on an unsecured page the warning pops up if the URL stored started with https. Now if I visit http://www.fonts.com/secure/sign-in in a fresh tab I'm redirected to https://www.fonts.com/secure/sign-in. We simply look at the URL either the user or extension supplied when the Login item was generated/edited. If the URL states the page where the fields should be filled was secure, and not just what happens after the submit button is pressed then we warn you when this isn't the case on future visits.

    One option would be to add http://www.fonts.com/ as a website field (but it would have to be top of the ordering), the other option would be to use open and fill in either the main 1Password application or the extension, that way forcing the use of the secured page.

    I hope that helps explain what you're seeing. If you have questions though please do ask.

This discussion has been closed.