[Security] "... introducing yourself ..." In lobby links to the unsecured Hedgewars website.

1 reply [Last post]
UltiMaxKom
UltiMaxKom's picture
User offline. Last seen 28 weeks 3 days ago. Offline
Joined: 2016-06-26
Posts: 381

The link to the introduction thread in the "Let us know more about you by introducing yourself! :D" line provided on the online lobby sends players to the unsecured side of Hedgewars. Hackers might take chance here by asking new players to make an account and introduce themselves on the unencrypted site, or etcetera.

Is this fine?
If it is then okay, I just making sure about it.

╟───NW──────┼──────N╢

╓──────────────────╖ ╓──────────────────╖
⠀HP: ██████████ 1E9/1E91E9/1E9 ██████████ :MP
╙──────────────────╜ ╙──────────────────╜

Wuzzy
Wuzzy's picture
User offline. Last seen 11 hours 12 min ago. Offline
Joined: 2012-06-20
Posts: 1190

Do you mean http:// vs https://?

Well, in that case, you are almost correct. You just picked the wrong link. Smile

The introduction link in the MOTD is:

https://hedgewars.org/hello

But there's still a http:// link in the MOTD:

http://www.hedgewars.org/node/1312#move

Yes, this should be fixed, there is no reason to use the http:// link. Thanks for noticing.

Hi, I am a Hedgewars developer. Smile I accept personal donations in bitcoin. Heart 17fsUywHxeMHKG41UFfu34F1rAxZcrVoqH

Copyright © 2004-2017 Hedgewars Project. All rights reserved. [ contact ]