Conversation:
Notices
-
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Wednesday, 07-Jan-2015 19:02:01 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca Another browser detection #fail https://hackerone.com/browser-not-supported.html #WhyDoPeopleDoThis -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 00:50:11 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca ♻ Remon Oldenbeuving @R51: @BobJonkman In what browser are you seeing this? -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 00:50:52 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca @R51 It's not the browser. Sites should degrade gracefully, and still work when referers or browser ID strings or Javascript isn't available -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 22:02:35 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca ♻ Remon Oldenbeuving @R51: @BobJonkman We introduced this redirect from a security standpoint. We intentionally block browsers that don't support XFO and HSTS headers -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 22:03:23 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca ♻ Remon Oldenbeuving @R51: @BobJonkman so yes, I agree with you that sites should degrade gracefully when they can, but no, I don't think we can do that at this point. -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 22:04:27 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca ♻ Remon Oldenbeuving @R51: @BobJonkman we can probably improve a lot on browser support and graceful degradation though, so if you have any tips, let me know! -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 22:11:39 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca @R51 Is https://hackerone.com 1) actually checking for XFO and HSTS capability, or 2) merely (mis)identifying the User Agent? -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 22:15:42 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca @R51 If 1) then provide that detail in the error message for us techs, eg. "HSTS support required, but not detected" -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 22:23:31 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca @R51 Also, I see that https://hackerone.com is completely #Javascrippled; nothing on the page except an error message, not even a logo -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 22:28:18 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca @R51 For secure browsers that choose not to use #Javascript, can you provide at least the site name, description and logo? -
Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Friday, 09-Jan-2015 22:31:47 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca @R51 Remon, thanx for responding, and being so open to feedback! https://hackerone.com
-