Jump to content
Sign in to follow this  
Etienne Brando

The Second Marketplace is broken for Internet Explorer Browser In the HTTPS mode

You are about to reply to a thread that has been inactive for 2564 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

I am disappointed that the April 2011 release has broken the second life marketplace for Internet Explorer users. A customer has to constantly dismiss the security warning dialog box for every page in the marketplace that contains an advertisement image. As many of us know Internet Explorer is still the most popular browser in the world. This means that over 50 percent of visitors to the second life marketplace cannot now navigate the site without the constant nuisance effect of this dialog popup.

I opened a live chat with second life support and was told that they cannot address the issue. The live chat representative suggested that i adjust my browser security setting. Since this is not a fix for all users who are impacted, I was directed to open an JIRA bug report. After creating an issue (WEB-3795) in the second life JIRA for this problem, I want to post this thread such that marketplace team and other merchants can also be notified.

In my humble opinion and as an experienced web developer, I believe that this defect is an emergency for Linden Labs and also for all merchants who, like myself, sell items on the second life market place.

Imagine that more than 50% of all potential customers, who use Internet Explorer as their web browser, will now be turned away from the second life marketplace because they are constantly being presented with a security warning pop-up dialog window for every page that they visit.

I sincerely hope that this issue will be addressed in the near future.

Share this post


Link to post
Share on other sites

i use chrome exclusively it doesn't have all the annoying crap that internet explorer has but i have noticed there is an issue with the https usually it's 128bit encrypted according to chrome when you click the https there is some high risk unsecure stuff on the page that could be modified by an attacker hopefully it'll get fixed 

Share this post


Link to post
Share on other sites

I am not so concerned about my own ability to navigate the second life marketplace web site. I am concerned about the ability of potential customers who need to navigate the site in order to purchase products. If they are presented with the nuisance effect of the security warning dialog then many will turn away.

SSLIssue.jpg

As I suggested before, the impact is to approximately 50% of all users in the world

Share this post


Link to post
Share on other sites

You can remove this annoying prompt by just going into your IE settings:

Under SECURITY SETTINGS - Internet Zone - Customize
Submit non-encrypted form data:
default is PROMPTED
switch to ENABLED

ADDED POINT:  As Ishtara pointed out later - it is likely the DISPLAY MIXED CONTENT setting that needs to be changed from Prompted to ENABLED.

This is an annoying IE default setting and it happens to many sites if you dont turn it to enabled.  Unfortunately if shoppers dont know this - they will still get hit with this.  so it would be best that LL fixes with a site that provides a consistent HTTPS stream (instead of switching to non-HTTPS for some parts of the visit).

Share this post


Link to post
Share on other sites

As you said ToySoldier, it would be best if Linden Labs fixes this problem rather than expect thousands of visitors to change their internet explorer settings to compensate. I am still having a hard time understanding how Linden Labs quality control could allow an issue like this to be released.  

Share this post


Link to post
Share on other sites


Toysoldier Thor wrote:

You can remove this annoying prompt by just going into your IE settings:

Under
SECURITY SETTINGS - Internet Zone
- Customize

Submit non-encrypted form data
:

default is PROMPTED

switch to ENABLED

This is an annoying IE default setting and it happens to many sites if you dont turn it to enabled.  Unfortunately if shoppers dont know this - they will still get hit with this.  so it would be best that LL fixes with a site that provides a consistent HTTPS stream (instead of switching to non-HTTPS for some parts of the visit).

Are you sure that is the right setting? I think I got rid of this message by switching "Display Mixed Content" to Enabled.

I agree that it is a nuisance and can easily be avoided on LL's side. But I've run into the same problem on other sites, so it is a general Internet Explorer issue (and an issue of Avant Browser, Maxthon II, and all the other popular IE shells) as well.

Share this post


Link to post
Share on other sites

Ishtara,

A page that mixes secure content with unsecure content is inherently unsecure. Just because a few other sites make the same mistake that Linden Labs has with the marketplace does not make it an Internet Explorer problem.

Linden Labs and other sites that make this mistake should make a correction by deciding which pages are secure and which pages do not need to secure. They should then implement the web standard such that secure pages have all secure content.  

Share this post


Link to post
Share on other sites


Ishtara Rothschild wrote:

Toysoldier Thor wrote:

You can remove this annoying prompt by just going into your IE settings:

Under
SECURITY SETTINGS - Internet Zone
- Customize

Submit non-encrypted form data
:

default is PROMPTED

switch to ENABLED

This is an annoying IE default setting and it happens to many sites if you dont turn it to enabled.  Unfortunately if shoppers dont know this - they will still get hit with this.  so it would be best that LL fixes with a site that provides a consistent HTTPS stream (instead of switching to non-HTTPS for some parts of the visit).

Are you sure that is the right setting? I think I got rid of this message by switching "Display Mixed Content" to Enabled.

I agree that it is a nuisance and can easily be avoided on LL's side. But I've run into the same problem on other sites, so it is a general Internet Explorer issue (and an issue of Avant Browser, Maxthon II, and all the other popular IE shells) as well.

You might be right but I currently have the "DISPLAY MIXED CONTENT" set to PROMPTED and in the marketplace I am not getting those messages so I just assumed it was the other setting.

Your suggested setting is likely correct.

--||-

Share this post


Link to post
Share on other sites

"A page that mixes secure content with unsecure content is inherently unsecure. Just because a few other sites make the same mistake that Linden Labs has with the marketplace does not make it an Internet Explorer problem.

Linden Labs and other sites that make this mistake should make a correction by deciding which pages are secure and which pages do not need to secure. They should then implement the web standard such that secure pages have all secure content."

 

^ This. I've developed a few e-Commerce sites in my time, and this is a common issue you usually find when testing the site before launch. LL's solution, since they do have ads on pages that would need to be secure (like the checkout page) would likely be to https:// their ad server. Nothing's coming in from outside, it's just the ads, right?

I'm just baffled that this wasn't caught before deployment!

Share this post


Link to post
Share on other sites

 


Edfred Jungsten wrote:

4 Days Later...Issue Still Unresolved...Site Still Giving Security Warning.

Brooke covered this in the User Group Meeting today and said it was a Top Priority and should be fixed by the end of the week.

 

Share this post


Link to post
Share on other sites

Though Geo Linden has marked the jira for this WEB-3795 as Fixed and Resolved it still doesn't work for me :(

I hope that they do get this fixed soon as I'm sure it is scaring a lot of people and frustrating the hell out of the others.  Whatever, it doesn't make for good business.

Share this post


Link to post
Share on other sites


Etienne Brando wrote:

I am still having a hard time understanding how Linden Labs quality control could allow an issue like this to be released.  

That's easy to understand. LL's quality control personel are devoid of quality.

Share this post


Link to post
Share on other sites

actually, here it is 2013 and i'm experiencing a similar problem with marketplace access. this only started happening recently, so something must have changed. the warning is as follows: *********** Information you exchange with this site cannot be viewed by others or changed by others. (checked OK) Security is from trusted source certifying authority. (checked OK) Security date is valid (ALERT ! ) NAME ON SECURITY CERTIFICATE IS INVALID OR DOES NOT MATCH THE NAME OF THE SITE. ********* i use internet explorer so maybe this is the problem.... but many people do. If the problem lies with something recently introduced by internet explorer, then i'm sure Marketplace will be hearing more complaints. If it's rooted in a new change in Marketplace, then i'd have thought they would have tested this out first.

Share this post


Link to post
Share on other sites
You are about to reply to a thread that has been inactive for 2564 days.

Please take a moment to consider if this thread is worth bumping.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...