Possible Discourse bug: Unsecured Connection?

Today I noticed something on the address bar:

Clicking on the i-for-information gave me this:

I have no idea if this is serious or not, but thought you might appreciate the info. It could be a browser bork (stock Samsung browser, which is a Chromium mod, on a Tab s4.) Another site I visit that uses Discourse gives the same result… but meta.discourse.org doesn’t (which is odd.)

Edited to add: this is happening intermittently, so maybe it’s just me. I do have another device streaming video; maybe it’s a connection issue?


Interesting. That suggests something isn’t being delivered with HTTPS, but I can’t reproduce it myself.

Anyone else getting this error?


Yeah, you know it’d be awesome if it actually said what wasn’t being delivered over HTTPS. :roll_eyes:

1 Like

Sorry, I posted what the browser gave me. I agree, it would be nice if it gave more info, but I don’t know how to find that out. If it’s just me, it’s probably either a browser hiccup or a connection/bandwidth issue.


I’m not sure why browser vendors have decided that removing information is the right way to deal with this stuff - like “The site isn’t secure” isn’t already scary enough? Somehow providing the URL that’s the problem is going to make it more scary?

I wish I could help further, but I can’t reproduce it. If someone else can reproduce it though, I’ll definitely raise the alarm on it!


I wasn’t trying to blame you or anything, sorry if that’s how it came off. :frowning: It was more a general frustration at how little useful information modern software tends to give when things go wrong.


Agreed! I don’t need tons of technical jargon, but a little more than “sOmEtHiNg Is WrOnG” would be nice… :rofl:


I’m getting it on this topic.

ETA: looks like it’s the same on all topics.

Edit again.

It changes to give a secure connection when I turn my VPN off.

And now it’s all nicely secured either way.:man_shrugging:

1 Like

That’s a maddening problem indeed. Was a site unreachable because the DNS name resolution failed, because there was a routing failure, or because there was nothing listening on the remote server? The browser makers decided we didn’t need to know why.


If you press f12 and go to the Security tab, that’s your best bet. I was on that tab, and refreshed this topic page and got:

However it is true that if anyone EMBEDS something that starts with http:// to a post, that’ll cause the dreaded “mixed content”. Simply linking to a non-https webpage won’t do it. You’d want to figure out which post is doing that.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.