>>14565
>they now won't be able to see which exact bits of /x/ or /y/ you're fapping to
Who cares? Not having a go, I just still don't see the utility. If someone is browsing .gs at work when they aren't supposed to an encrypted connection isn't going to stop them being found out.

>>14568
I totally agree with that - that isn't the full reason I actually did it though.

A lot of browsers will soon start showing you security warnings and "this site is insecure" soon if we hadn't done this. Google Chrome threatened to do it from October but backed out, but ITZ COMING. It's just a good practice thing. I've been waiting for a particular bit of software to support the kind of server we have, and when I had the time to sit and make all the tiny changes it requires all over the codebase. Brian is old, as am I.

>>14569
Right, fair enough. See, that's all I wanted to know!

>>14568
It has something to do with your browsing habits being light reading for local authorities as well as law enforcement, not just abstracting your porn habits. And as purpz says, web browsers are already notifying people about unsecured connections.

You seem to making an argument against people hanging curtains, claiming it has no utility, because they don't lock their front door. "Well, why bother having curtains if someone could just walk into your house and see you naked anyway?"

The difference being, they need a reason to come in vs absent mindedly watching you scratch your balls through the living room window and you still have the option to lock your door.

>>14571
That's it - when you're in a hotel, for instance, you're often using a transparent proxy without realising it - what that means in English is that without HTTPS, its actually very easy for all the people in between your browser and my server to see exactly what you're looking at. They still know you're browsing this site, but there is a small degree of extra privacy there.

Don't underestimate how much they can still see though. This way, they have to directly hack your device (or mine), or do some detectable network tricks - it makes it a bit hard to just easily sit in the middle somewhere and snoop up all the traffic.

Like I said though, browsers are detecting when there is "form that contains a password field" as we have when you post, and starting to show a lot more warnings and thats only going to become more prevalent. That's the main reason.

>>14573
Obviously the real solution was to change the password field to a plain input.

>>14574
I considered that - there are probably other ways of giving you the ability to edit/delete your own posts without it or a better way of handling it, but this is quicker.

At work I have seen some mobile phone browsers still give warnings anyway if the connection is not https and I can see thats just how it will go. It's the right thing to do.

>>14571
>It has something to do with your browsing habits being light reading for local authorities as well as law enforcement
I really couldn't give a flying fuck if my council or the fuzz know what I read or look at on .gs. And if I was in such a position to care, if I felt that my patronage of .gs was such a threat to my livelihood, then I would take my own steps to hide my browsing.

>You seem to making an argument against people hanging curtains etc.
Er, I don't really understand your analogy. But to be clear, I'm not saying there is absolutely no point in .gs having HTTPS. I'm saying that I couldn't see the point in purps expending the effort involved in upgrading the server for little tangible benefit.

He's now explained that it's more or less to future-proof the site, and I'm on board with that.

>>14577
>I really couldn't give a flying fuck if my council or the fuzz know what I read or look at on .gs.
NUFFIN TO IDE NUFFIN TO FEEUR INNIT

>>14577

HTTPS is important for secure transactions, but it's also about strength in numbers. If every site uses HTTPS by default, it massively hampers bulk surveillance. With HTTPS enabled, all an eavesdropper can see is that you visited a website. They can't see what pages you visited, they can't see what username you logged in with, they can't see what content you posted. HTTPS is relatively straightforward to enable for most sites, but it gives users a substantial degree of privacy with no effort on their part. It also provides some degree of security by reducing the opportunity for malicious third-parties to inject their code into a website.

The major browsers are giving increasingly aggressive warnings about non-HTTPS sites to encourage web developers and admins to do the right thing. Google have said that eventually they intend to block all non-HTTPS connections by default, so it's not a matter of if sites should switch to HTTPS but when.

>>14579
>HTTPS is important for secure transactions, but it's also about strength in numbers. If every site uses HTTPS by default, it massively hampers bulk surveillance.
This. If you only use TLS for important stuff, then anyone intercepting your traffic (and it almost certainly is being intercepted somewhere) can tell which sites are important to you. That information is useful and valuable in and of itself. If you use TLS for unimportant stuff too, then this signal becomes useless.

>>14579
>>14580
True, but probably 1% of the sites I'm currently browsing are not forcing an HTTPS connection by default. So that is no real reason for .gs to join if the gang is already so large. Again, it's about what is a good investment of marple's limited time.

>>14581
I think purps can decide for himself what is and isn't a good investment of his time, you berk.

>>14581
>marple's

>>14582
>purps

How many others are there? Off the top of my head I can only think of green and I think the Oak Furniture Land fame went to his head.

It's annoying me that this is the kind of thing I used to know but I've now forgotten, although I'm also annoyed that I'm not sure how much value I should place on being able to recall niche internet trivia.

>>14583
Marple is a wordfilter for Dear Leader's mod handle, which can only be invoked on the full moon.

>>14582
He certainly can; doesn't mean I won't fail to understand it.

But I've already said that I accepted purps' reasoning about ten posts ago so I haven't a clue why you're still going on about it.

I'll be attempting some slightly more exciting things later in the week, but I wanted to get this one out of the way first.

It's a good question on why I spend any time doing things to the site; I just do it because I like it, I don't start a new job for at least another week and I learn/practise a lot of things I use at work, here - you're my secret guinea pigs.

Nice.

>>14588
Okay the front page of /beat/ is now done.

>>14543
The older embeds should now work.

I'll overhaul the YouTube stuff this week so only the thumbnail is embedded until you press play. That'll mean far less wasted data and it'll workaround the swapped video race condition.

>>14590
Ah thank you!

>>14590
You can now embed YouTube videos without tags: just paste the video URL from the address bar.

Let me know if these low-fat embeds really need to be integrated with the /o/ options or of any other problems. I'd not be surprised if some (low-res) videos don't get properly thumbnailed.

I'll leave the old tags as they were for now.

>>14618
If nothing happens when you click the thumbnail you'll need to hard refresh. We'll get these caching issues sorted now dev work is resuming.

>>14618
Looks like you have to press play twice on Android/Chrome because they've disabled autoplay. I'm sure there's a workaround.

>>14618

Why does Casey look like a goblin?

>>14618
What if I just want to link to the video and not embed it?

>>14623
For now you can use the share button links: https://youtu.be/v5rpAB-TsCA

Pray I don't also take that away.

I see that a fair few videos don't have high-res thumbnails. I'll probably fix that tomorrow.

Just tried it on test and I get a big grey 'video not found' placeholder graphic. But using the tags embeds it just fine.

>>14625
As mentioned in the previous post. Anyway it should now be fixed.

>>14626

>>14627
Cor, that's lovely!

Yeah lads I am going to be tinkering this weekend.

Be afraid.

>>14579
>They can't see what pages you visited
HTTPS doesn't encrypt the URL you're viewing.

>>14636
Yes it does. The actual HTTP request is sent after the tunnel is established.

>>14620
Turns out overcoming this isn't as simple as I'd hoped. How do we feel about having to press play twice? Would it be better to follow 4chan and link to the video instead? I believe this would usually load the YouTube app.

>>14618

I've found that YouTube videos embedded the old fashioned way seem to take considerably longer to load on the page.

>>14966

and that ones embedded the new way don't say the video's title on the top left in white writing like they used to.

>>14966>>14970
Then it's settled, from now on we'll only use Vimeo.

>>14971

Excellent idea.

>>14972

Actually, I don't know that I needed to delete that post after screenshotting it.

http://vimeo.com/24191501

Got myself a new 4k screen. Might have to make the images bigger again lads.

>>14999

Have we finally reached a point where we can fit Narkiss's fanny on a screen without zooming out?

>>15000
Let's hope so.

>>14513
Wish I knew where the snowflake code has gone.

I know it's shit houses but I miss the early 2000s phenomena of sites that dropped drifting snowflakes over the whole window in December.

I have no recollection of britfa ever having this feature but since I first stumbled over this place in 2010 I don't think I've been sober for more than a total of six months all in, so don't take my word as fact or anything.

>>15153

We did have that, it must have been a while ago as I remember it made my laptop overheat every time I visited. Good times.

>>15153
We had it regularly, but as the lad says, needed its own graphics card ten years ago.

I actually found the snowflake code again - bit late now.

>>15215
You could integrate it with some kind of weather forecast API to automatically enable it if significant portions of the UK have snow.

>>15215

Could we just have the ability to turn it on for individual users? Like a ban but far, far worse.

(I know already that we definitely can't have that but imagine a world where we could)