On Monday, 25 January 2021 13:04:08 GMT Stephen Wolff wrote:
> It might be an issue with ‘https’, as Chrome is very fussy about
> this nowadays. Not sure whether Chromium is the same, but it is likely
> to be.
Hmmm. When I did the original Web Server at WMT (Audio Guide, Kiddies
Quiz,etc), I tried setting it up with Self-Signed Certificates, but Chrome on
Android didn't like them.
> You can view what cookies are stored in the ‘inspector’, so worth
> checking whether any are stored for an ‘http’ rather than
> ‘https’ connection.
I'm assuming that this ‘inspector’ is accessed via the 'More tools -
Developer tools' Menu item. I tried that and couldn't see any cookies,
although they are visible in the main Settings Page.
I tried clearing Browsing data and worked. I didn't even have to close the
browser. When I went back to the Control Page, I was prompted for my
credentials.
Since we can't force anyone to clear their cookies, I guess this comes back to
my original query; how unsafe is this? I can see Hamish's point, the session
cookie is only going to be stored on the user's device, so if he keeps it
safe, things should be OK.
Any comments on this?
--
Terry Coles
--
Next meeting: Online, Jitsi, Tuesday, 2021-02-02 20:00
Check to whom you are replying
Meetings, mailing list, IRC, ... http://dorset.lug.org.uk
New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
