Home » Categories » Multiple Categories

Secured access to content via HTTPS FAQ

 

As of January 2017, Google Chrome will display a "Not secure" message next to the address field in the Chrome browser if the user has accessed a page that includes a webform via an unsecured HTTP connection.

Chrome AlertBefore January 2017 Chrome Alert After January 2017

 

 

The following is an FAQ regarding HTTPS in Evanced products:

NOTE: Evanced software has always had forced HTTPS encryption on any and all Credit Card submission pages within all of our software offerings. These recommendations refer to the other pages within our software.

 

How does this effect my Evanced software?

  • Since the Evanced software uses many pages that utilize a text input field, this could be encountered frequently by the user. Because of this, we recommend utilizing the best practice of using HTTPS access to connect to our software in order to provide a more secure experience for you and your patrons.


What action do you recommend I take?

  • Here are examples of URLs we recommend you change to the HTTPS version:

In every link to the Evanced software that uses the HTTP prefix (ex. http://demozonepublic.evanced.info/signup) we recommend that you add an "s" so that the link so that it reads: https://demozonepublic.evanced.info/signup doing so directs you to the secured access to our products

This recommended change would affect any URL access to the site and include the following:

  1.  Bookmarks in web browsers to the Evanced products (staff and patron side of software).
  2. All links to the Evanced products from your library web page (ex. a "Calendar" link in your library webpage that directs the patron to the SignUp calendar product).
  3. Any XML feed URL's from the Evanced products that you embed in other areas (ex. a SignUp or Events XML or RSS feed that you use in digital signage).
  4. Any URL used in the Evanced widgets (ex. SignUp or Events TinyCal Widget, or SignUp or Events List Widget would need to have their URL updated).
  5. Any URL references used in an Evanced product API (ex. SignUp API, Dibs API, or Spaces API).

 

What happens if I don't change anything and do not update my links to the HTTPS versions?

  • Google Chrome will load content as expected and as it has in the past when accessing a page that includes a text entry field. The only difference will be the page status that is displayed next to the address bar within the Google Chrome browser.  

 

What happens when I use HTTPS URLs, but there is still unsecured content in the Evanced app (ex. a banner image hosted on the library server)?

 

Why are you recommending this now and what are the advantages of updating to HTTPS URLs?

1. Online Security standards are becoming more and more strict and browser updates will continue to enforce these higher standards. In fact, Google Chrome plans to use an even more overt warning message when accessing HTTP content later in 2017 (see example below) adhering to these best practices now helps keep you future-compatible and ensure the best experience for your users. 

2.  At some point Evanced will need to force all connections to our software under HTTPS (redirecting HTTP URLs). Changing your links and practices now will help ensure compatibility with that future state.

3.  The changes above currently reflect Google Chromes updated alert messages when encountering HTTP content, and Google Chrome consistently rates as the most popular browser used to access our products

 

At what point will Evanced force all connections to their software to be HTTPS?

  • NOTE: Evanced software has always had forced HTTPS encryption on any and all Credit Card submission pages within all of our software offerings. 
  • A firm date on this transition has not yet been put into place, but will go in stages. Both transitions will be announced in advance when a timeline is available and should take place in 2017

 

Custom Fields
  • Applicable To: All Users
  • Attachments: No
  • Summary: FAQ on using HTTPS in Evanced products
1 (1)
Article Rating (1 Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
Attachments Attachments
There are no attachments for this article.
Comments Comments
There are no comments for this article. Be the first to post a comment.
Related Articles
MySQL Performance Tuning
Viewed 12075 times since Wed, Sep 28, 2011
How Secure is Our Patron Information?
Viewed 7519 times since Wed, Sep 28, 2011
FAQ: Why does it say "Username has already been taken" when my patron hasn’t registered yet?
Viewed 1844 times since Wed, Jul 26, 2017
Frequently Asked Questions About Migration to SignUp from Events
Viewed 15686 times since Wed, Sep 12, 2012
Printing the SignUp Calendar
Viewed 3530 times since Tue, Sep 16, 2014
Facebook is not displaying the image of the event I liked
Viewed 8450 times since Mon, Feb 20, 2012
Enhancements to SignUp, Spaces, and D!BS
Viewed 1999 times since Tue, Sep 17, 2019
New Core SES Approach
Viewed 3570 times since Mon, Apr 4, 2016
How to use Page Editor to Edit the Summer Reader Home Page-Facebook, Certificate, Footer, Messages, Sponsor, and Title Classes
Viewed 12250 times since Thu, Nov 3, 2011
Wandoo Reader - Add Program - Awards Setup
Viewed 3369 times since Thu, Feb 26, 2015