https from Google Talk client
March 17, 2006 6:58 AM Subscribe
Is it possible to force gmail to open with https through the google talk client?
When I click the inbox link in my google talk client or click on a new email that pops up, my gmail account opens in my browser through http. Is there something I can configure on my computer to force any http request to use https for specific domains?
When I click the inbox link in my google talk client or click on a new email that pops up, my gmail account opens in my browser through http. Is there something I can configure on my computer to force any http request to use https for specific domains?
I use this extension with firefox and it seems to work for me. Theres a GMail tab in the options that makes it force https.
http://www.customizegoogle.com/
posted by skrike at 9:05 AM on March 17, 2006
http://www.customizegoogle.com/
posted by skrike at 9:05 AM on March 17, 2006
Response by poster: I've tried both of the above suggestions, and they each appear to load http, recognize that fact, then reload through https. Please correct me if I'm mistaken and they work differently, but that doesn't seem any more secure to me.
I dug around in the gm_script and customizegoogle extension, and I see something along the lines of: window.location.href.replace(/^http\:(.+)/, "https:$1"); in each.
Are these solutions secure, or is identical unsecure content loaded before secure?
posted by friedrice at 9:41 AM on March 17, 2006
I dug around in the gm_script and customizegoogle extension, and I see something along the lines of: window.location.href.replace(/^http\:(.+)/, "https:$1"); in each.
Are these solutions secure, or is identical unsecure content loaded before secure?
posted by friedrice at 9:41 AM on March 17, 2006
It might not be actually more secure if the password is passed unencrypted in HTTP. Your best bet might be to contact Google, they're usally pretty serious about security issues.
posted by Sharcho at 6:04 PM on March 17, 2006
posted by Sharcho at 6:04 PM on March 17, 2006
This might be a longshot but if the URLs are stored as strings or resources in the binary you could try using a tool that lets you manipulate those kinds of things.
posted by Rhomboid at 1:47 AM on March 18, 2006
posted by Rhomboid at 1:47 AM on March 18, 2006
This thread is closed to new comments.
posted by Sharcho at 9:01 AM on March 17, 2006