1. Hello Guest!

    Thank you for visiting the ClubRunner Community website, you can login using your ClubRunner account information by clicking the login link on the top of every page.
    Dismiss Notice

Security Parameters in Need of Explanation

Discussion in 'General' started by John Borst on Dec 8, 2019.

  1. John Borst

    By:John BorstDec 8, 2019
    Well-Known Community Member
    Beta Tester

    Joined:
    Jun 25, 2018
    Messages:
    215
    Likes Received:
    52
    Gender:
    Male
    Occupation:
    Retired Education Administration and Teacher
    Location:
    Education - retired
    This morning I received information regarding a post I attempted to make, which I have not experienced on ClubRunner in the past.

    When I attempted to post the article in the same format that I have been using for years. (Title-Heading-2; sub-title Heading 4, Text-Trebuchet MS, size 18 plus two pictures) I noticed a symbol in the URL box and when I clicked on it it said something to the effect that the content was blocked because of an "unauthenticated script" what ever that means. There was also words in blue meaning there was a link. I thought it would given a more detailed explanation, instead it permitted the article to be published by unblocking the widget and now it says that the site is not secure.

    I was using Chrome and then checked the post out on the Edge and Brave browsers and looked for icons giving the same or similar messages.
    Here are some examples:
    Brave Browser-this was the original message and I clicked on Chrome's version of "load unsafe script"
    [​IMG]
    Edge browser messages:
    [​IMG]

    [​IMG]
    Chrome Browser examples
    [​IMG]

    [​IMG]
    I clicked on manage and got this
    [​IMG]
    And had no idea what to do next.
    Why did all this happen? How can I prevent it in the future? And what should I do when I face the situation again?
     
  2. Zach

    By:ZachDec 9, 2019
    Moderator
    ClubRunner Team

    Joined:
    Jun 5, 2017
    Messages:
    592
    Likes Received:
    80
    Gender:
    Male
    Occupation:
    Product Specialist
    Location:
    ClubRunner
    Hi John,

    The warnings are being generated from stories the club wrote back in the early 2010's. You had 18 stories that had embedded flash players (which were also embedded without https), which are no long really allowed on the web by modern browsers. I've removed the stories that had the embedded flash player from being listed on the stories page, they are still in the club's story library. The warnings you were running into should go away once you refresh the page. I very much doubt you would run into this again unless you go out of your way to link to flash based content.

    Please let me know if you have any additional questions!
     
  3. John Borst

    By:John BorstDec 9, 2019
    Well-Known Community Member
    Beta Tester

    Joined:
    Jun 25, 2018
    Messages:
    215
    Likes Received:
    52
    Gender:
    Male
    Occupation:
    Retired Education Administration and Teacher
    Location:
    Education - retired
    Thanks Zach. I have been using modern browsers for some time now so why was it yesterday that the message appeared, especially since the problem goes back to 2010 which is the year we started using ClubRunner?
     
  4. Zach

    By:ZachDec 9, 2019
    Moderator
    ClubRunner Team

    Joined:
    Jun 5, 2017
    Messages:
    592
    Likes Received:
    80
    Gender:
    Male
    Occupation:
    Product Specialist
    Location:
    ClubRunner
    I am unsure why the error started yesterday for you, but it should have been displaying for some time. The warnings were very specific to the flash content that was embedded in some of your older stories assigned to the list of stories page. Both for being flash, and for being embedded in an insecure manner (no HTTPS).

    The only change I did make was to remove the stories with the embedded content. Its possible one of the older stories linked to a domain that is no longer active, or now active again as a malicious website.
     
Top