As far as I am concerned, HTTPS by itself doesn't do miracles. It involved more tech. Unless you can hack the global web infra, it's only possible to change this on a local network. Wouldn't there be more interesting targets in such situations?
Don't get me wrong, I am not trying to downplay the lack of HTTPS. But I do understand why this has no priority whatsoever. Proper HTTPS is more than work than running ACME to get a certificate issued. DANE, CAA, etc. On Tue, 2018-02-06 at 15:43 -0800, Charlie Eddy wrote: > "Can I update the value of "hosted_button_id" and > send you to my Paypal account ?" > > this > > is much cleaner, more logical, more formal, and more sensible than > > "No need to have this one https type really there isn't any > information > you enter on it..." > > On Tue, Feb 6, 2018 at 1:10 PM, Denis Fondras <open...@ledeuns.net> > wrote: > > > > If you actually donate and click on any links there you would see > > > it > > > bring you to a secure page. > > > > > > > But is this the right link ? Can I update the value of > > "hosted_button_id" > > and > > send you to my Paypal account ? > > > > Denis > > > >
