HTTP fallback for this site (or something)?

Momijiharp

Momijiharp

Hi,

I happened to notice that IE8/Chrome/Chromium derivatives doesn't load this website on XP, though none of them are as secure as using something like Pale Moon or K-Meleon, it would be nice to have either a HTTP fallback for this site, or usage of something other than an ECC certificate which XP's crypt32.dll doesn't recognise.

Or just redirect all devices not being able to read ECC certificates using a htaccess rule to the K-Meleon Goanna test build page would be an easier option (though UA sniffing via htaccess to disable the HTTPS redirect AND the browser itself would have to be implemented, possibly slowing server times).

I just registered here and it'd be nice to see because this is an XP forum after all... also, don't shut the forum down if XP was to become properly obsolete, maybe repurpose the forums into something like MSFN's stuff?

Thanks ^^
 
I completely agree with you, Momijiharp. This site works perfectly on Opera 12.18 (in fact, I'm typing this message from Opera right now;I do use Mypal for other sites that Opera is starting to have problems with nowadays though). I would love to see an HTTP version of this site, ideally one that would be designed to work well on older browsers (meaning that it could be accessed via something like Firefox 2, or Opera 9, or even the old OffByOne browser).
 
In general, this site should work well with any Presto-based or Gecko/Goanna-based browser released in the last five years at least, perhaps even further back. I'm amazed that Opera 12.18 works as well as it does with this site; I thought it was going to have a hard time with the JavaScript elements, but it's actually very fast and functional on a browser that these days is not exceptionally good for JS-heavy websites).
 
Momijiharp said:
Hi,

I happened to notice that IE8/Chrome/Chromium derivatives doesn't load this website on XP, though none of them are as secure as using something like Pale Moon or K-Meleon, it would be nice to have either a HTTP fallback for this site, or usage of something other than an ECC certificate which XP's crypt32.dll doesn't recognise.

Or just redirect all devices not being able to read ECC certificates using a htaccess rule to the K-Meleon Goanna test build page would be an easier option (though UA sniffing via htaccess to disable the HTTPS redirect AND the browser itself would have to be implemented, possibly slowing server times).

I just registered here and it'd be nice to see because this is an XP forum after all... also, don't shut the forum down if XP was to become properly obsolete, maybe repurpose the forums into something like MSFN's stuff?

Thanks ^^
Click to expand...

I have SRWare Iron 49.2600.0, SlimJet 9.0.7.0, and Chromodo 45.9.12.292 browsers.....all derivatives of Chrome/Chromium. None have any problem loading this website (I'm logged-in and doing this post via SRWare Iron), so I would assume your problem is not with the browsers, but lies somewhere else. Unfortunately I'm not skilled enough to guess what the problem is. These Chrome/Chromium-based browsers do have a major problem caused by the CA nazis embedded security certificates store in XP, and their refusal to maintain it. Nearly half the URLs I attempt to reach are blockaded by this flaw, but so far, not this website. I believe the longterm solution is to install a MITMproxy, with bogus uber-certificate, to overrule the entire embedded certificates store, and currently looking for a coder or programmer (i.e. gun-for-hire) to do this.
 
Another solution could be using an HTTP-based proxy like proxycrime.com or fastusaproxy.com & accessing the forums that way (using that method I'm currently logged into the site via Opera 9.52 and typing this message from that browser; I was even able to log in and do a post with Netscape 4.08 [the newest browser I know of that doesn't have a trial period attached to it & won't throw up constant messages about certificate errors AND will work on every Windows version down to 3.1]).
 
Last edited:
Just in case nobody's aware of this, Google (from the current version, 64-bit Chrome 69), have coded the browser to refuse to display non-HTTPS sites.....which are now flagged as being 'insecure'. This re-jigging has permeated backwards throughout the 'production run'; no Chromium-based browser (of which Chrome is one itself; Google 'sponsor' the Chromium Project, after all, and draw Chrome's source code therefrom) will now display an HTTP site without an awful lot of fuss.

I use an ancient version of Chrome (Chrome 26!) in an elderly version of Puppy Linux, and, despite that this browser is now so old that it will no longer 'sync' to a Google a/c, it's still affected by this problem.....


Mike. ;)
 
Chrome 26 is actually not too bad, even by today's standards...it shows its age when trying to render sites that use a lot of HTML5 garbage, but for most sites it's still perfectly usable (or was, from the sound of things). My current browser combo is Opera 11.64 for most sites and Firefox 26 for more modern ones--after a lot of trial and error I found a combination that works well on my old Pentium 4 (Prescott, 2.8GHz) PC. They both have certain 'quirks' as far as site rendering, but they load faster and use a bit less RAM than Opera 12.18 + Firefox 52ESR.

It sounds like anyone who uses a Chromium-based browser is going to need to use an extension that forces the browser to display all sites as HTTPS (including HTTP-based ones), if such a thing exists. It's a shame...I was actually giving some thought to giving Chrome another try, but I guess that'll be put on hold for a while. Chrome 49/Opera 36 weren't too bad, from what I remember. Great compatibility with most sites and fine HTML5 support (it took Firefox about a year or two to catch up, amazingly enough).
 
I feel though that the move to HTTPS is not just for security, but also a trick to pushing away small sites from being accessed, emphasising the big sites only, and stopping people who can't/don't want to set up Let's Encrypt (it has its issues such as certbot being a piece of trash) or a paid TLS solution.

That said there does need to be a fallback for stuff like IE8 because of people accessing the XP forums from a fresh install, etc.
 
That's not an unreasonable theory. They are really pushing to make the older sites unusable/inaccessible. The best solution for now, I think, is to try accessing the forums from a proxy if the available SSL/TLS protocols on a given browser do not natively support it. Even with Opera 9.52 I am able to log in and post messages, though there is the occasional crash (not a big deal--you just start it up again and log back in). Even with ye olde Netscape 4.08 I can log in and post messages, but it ain't pretty...
 
Opera 9 and 12 were brilliant, possibly hands down the best browsers ever made :D

And yeah, I think there's a method on the MSFN forums for a selfhosted HTTP proxy, only issue is that its download is hosted on zippyshare (a horrible filehost)
 
I have always considered the entire Opera series (from 9 to 12) to be the best browsers of all time. I would still be using them today if they did not have so many problems with today's sites. Right now I'm on MyPal (Pale Moon fork) 28--it's the best modern browser for XP at the moment, IMO.

Don't get me started on Zippyshare--that site has always ground my gears.
 
You must log in or register to reply here.
Back
Top