And fixed :)
121 posts • joined 3 Dec 2012
Sorry, not seeing on the page you linked to, nor on the actual index page for articles ( https://forums.theregister.co.uk/section/article/ )
Could you please submit a screenshot, and a little information about your browser (the contents of https://www.theregister.co.uk/cdn-cgi/trace would help) to webmaster@ please?
Re: Oh, I wish it was just as simple as that
yet the browsers are starting to complain that the site is insecure when logging in. Do I really need HTTPS?
Do you value giving all eavesdroppers on the connection between your computer and your server (both included) the ability to log into that site as yourself and do as they please with it?
… because that's effectively what's happening when you're logging in over HTTP.
It's even worse if you used a password you've re-used elsewhere… as now they also have access to that other thing. Or, worse, things.
Use https, use a password manager and create long, secure passwords… and don't use a password on more than one site.
Re: An admirable effort.
It's nothing more than a generic cert from CloudFlare
Well, not quite "a generic cert"… the certificate contains another couple second-level subdomains in the cert – a "generic wildcard cert" wouldn't be able to secure "m.forums" or "m.search".
Once another CA will make it as frictionless and cost-effective to have the same, I'll reconsider… We already use another wildcard cert on whitepapers, for example – and that's not under cloudflare, it's RapidSSL.
Unfortunately, the above situation means while we probably could also enable HSTS, we'd be doing that using Cloudflare's certs (something I'm neither strongly for or against, but I'd rather those were "our" certs)… and having two different CAs means we can't yet implement HPKP.
I guess once LetsEncrypt starts giving wildcard certs we'd be able to… so long as they offer one cert for all (?:sub)?domains we require ;)
Re: An admirable effort.
Complaining that you hadn't adopted HTTPS on every article in which you tell people to adopt HTTPS was one of the few pleasures I had left in this world!
The most common complaint du jour is lack of IPv6 support, you can jump right in!
Re: Please don't
I've got the gold badger and everything
You're welcome to install NetBSD on it ;)
Re: Please don't
ElReg's current methodology behind thumbing people is all but useless.
… as it's always been :)
up/downvotes "just" serve as an indication of whether commentards are liking or not a given comment.
I just need the tool to see who's downvoted me
Ain't gonna happen.
This is going to be addressed Soon®: we'll be showing a slightly different icon depending on which way you up/downvoted a post
The time has come ;)
I just upvoted everyone. Then logged out and back in again. And was allowed to upvote everyone again. Hooray!
You've always been allowed to "do" that.
I say "do" as our forums code simply "records your vote preference", and then kicks off a separate task to actually "make it so".
In the end, the last vote wins and gets recorded – as each "per forum post, per user" vote can be expressed only once, but you can change your mind anytime.
Unfortunately, the front-end code isn't currently showing which way you voted, so by tricking things a little you can make it appear as if you managed to (up- or) down-vote somebody into oblivion… but in reality, so long as you're using the same user account to make your "tests", all you've accomplished in the end is to choose whether to upvote or downvote a post.
This is going to be addressed Soon®: we'll be showing a slightly different icon depending on which way you up/downvoted a post (even with JS disabled, obviously), and (while still allowing you to re-cast your vote anytime) the numbers should be quite a bit more clear in the end – as the JS will also be able to take into consideration whether you had or hadn't already up/downvoted a post – and it not being currently able to do so is the source of the "visual bug".
The other "bug" is that we don't currently have a way for you to reverse your vote choice, i.e. if you upvote somebody then you decided that you actually didn't want to either upvote nor downvote the post, you can't go back to "no vote preference given": once up- or down-voted a post, you can only pick which way to vote. We're unlikely to fix this anytime soon, to be honest. Little to gain for a very small corner case.
But you can't upvote, downvote, then upvote again
Well spotted! You now can ;)
Re the feature request – yes, it's been something we've had on the back burner for a while, along with showing which way you voted – if you did – on posts.
It'll come soon®
Re: My code won't run but the spaces are great
Whilst tabs or spaces makes no difference to the compiler/interpreter
*cough* Makefiles *cough*
Re: @Drew Spurious Blank lines at end of comments
Could you email us at webmaster@ this domain?
See https://www.theregister.co.uk/Page/problem.html for the kind of information we'll likely need, i.e. the exact url you're seeing this on, the browser, IP, etc. etc.
Look forward to hearing from you!
The Webmaster ;)
Re: Website unusable at the moment
Specifically the NetApp animation, that takes about 3 minutes to load.
I've alerted our ad/ops team to this, thanks for your report!
Re: Smartphone app
Who messed with the CSS. The font sizes seem to be too big especially on comments.
The font size for article and comments body was quite a bit too small, and it's been set to ~16px, which is a good legible size for them.
Re: Anti-Ddos and missing images
On frequent occasions I'm missing images all over the website and I've now got a 5 second block when trying to load anything. What gives?!
Could you please email at webmaster@ with the contents of https://www.theregister.co.uk/cdn-cgi/trace please? Unless you're connecting from a bad reputation IP, that shouldn't happen.
Might it be you're connecting via tor? In that case, you might want to load at least once https://regmedia.co.uk/ so that Cloudflare can check your browser, and set a cookie which will allow your browser to load everything fine. Of course, if you then go and delete your cookies every time you close the browser, you might have to go through this again…
Re: Smartphone app
Also searching the app store I couldn't obviously find the app - has it been discontinued in favour of the mobile site?
The apps should've shown a "sticky article" for a couple weeks, saying that the API was getting discontinued at the end of January. All of them have been pulled from the respective app store, and the API has now been discontinued.
Use the mobile site instead.
Re: Topic Area Tabs - increase causing problems
the increase has caused (on my system at least) Bootnotes to wrap onto a second line
Hi, sorry to hear you're experiencing this issue. Would you be able to share a bit more details about your browser and system, as we can't reproduce the issue with the ones we most commonly use?
get in touch at webmaster@, thanks!
The mobile site doesn't have a way to get to the article comments.
It does! There's a bubble like link indicating number of comments which, when clicked, brings you to the forum.
It either says "N comments" or "Post a comment".
Re: Oh, meant to say - the Reg site is really slow on mobile
The thing that annoys me about El Reg comments pages, much as I love the content, is the Web 1.54382 design of voting…
Yup, that's coming Soon®
There seems to be a bug in El Reg's unit conversion page : It clocks the brontosausus at 138 m instead of the more reasonnable 22 m.
Thanks for pointing this out! It looks like this specific unit conversion has been wrong for quite a long time.
I've just now updated it to have a more meaningful value, i.e. exactly 157 linguine.
Hopefully El Reg will keep it 90s by still using the default HTML 4.0 table style...
I don't get it, sorry – HTML tables are still valid in HTML5, and are/should be used when presenting tabular data.
Granted, the table in that article looks like crap and it uses attributes which shouldn't really be used in HTML5 – but that's the default rendering of a table in a browser, mind you…
IMVHO, using tables for tabular data like in that article is totally fine, but using it to lay stuff out is not. What are your thoughts?
Re: Smartphone app
A better goal would be to deploy it and not have people notice. It should just work.
Precisely why I wrote he will notice. Not "everybody" ;)
Re: Smartphone app
El Reg still only seems to be IPv4
If you're that sharp-eyed, I'm sure you'll have noticed that the images domain, regmedia.co.uk, is available over IPv6 ;)
IPv6 will be coming to ElReg in the not-too-distant future (read: soon®)… likely as soon as I get a new, "shiny round tuit" to do the deployment of it as painlessly as possible. We've had a Git branch for it since ~2015 or so… but it's not ready yet. When it is, you'll notice.
You can go on your account page, and click the big "Delete Account" button, or go to https://account.theregister.co.uk/delete/
You'll need to be logged in and provide your password to do that, of course.
Looks like Cloudflare, our CDN, made a boo-boo at that time :|
Sorry for the trouble, it looks a SNAFU happened somewhere :|
The apps should've been displaying a message in the app in the last few _weeks_of January, mentioning that the API (and the apps with it) would cease to work at the end of January. Here is the message:
Apps users, a short note to announce that The Register is shutting down all apps with effect from January 31. We appreciate your eyeballs and owe you an explanation.
Our iOS app is serviceable but our Windows and Android apps are not fit for purpose - and have not been for a long time. it is not a good use of our money to rectify this.
Traffic via apps is low - a typical experience for news publishers - and effectively impossible to monetise unless we charge for downloads.
That’s not happening.
We have a small dev team and we need to focus resources. That means we are not futzing around, for instance to ensure that our apps are https compliant. The team’s next big project is to make The Register fully responsive.
In the meantime recommend that you read us on the mobile web at https://m.theregister.co.uk/.
As it's now February, it has indeed ceased to work.
AFAICT all the apps have since also been pulled from the respective app stores. You will likely want to uninstall the app from your mobile phone, as it's not going to work anymore.
You'll likely want to continue to read The Register on our mobile site; see above for the link.
I suggest you go to https://www.theregister.co.uk/ and click on the "mobile website" button at the bottom, as that'll ensure that any The Register URLs you open will then always be displayed on the mobile site - without having to manually switch between "www" and "m".
Apologies for the inconvenience caused,
The Webmaster ;)
Re: In any case...
... why should anybody be publishing malformed HTML? Haven't they heard of HTMLtidy?
Yes, but most distributions carry a very old version which croaks horribly with the most common things naïve writers throw at it: "broken html" input (AKA "tagsoup"), and HTML5 tags :|
Getting from "shitty tagsoup" to "well-formed HTML" is harder than it looks at first ;)
When will you embiggen the font?Possibly Soon®
Font size has been embiggened on both article body and forums posts.
When will you embiggen the font?
Meanwhile, you can always zoom in (CTRL+ or CMD+); most browsers will remember and use the zoom preference per-domain.
The site uses relative sizes for all its parts aside from the base font size, so zooming in/out literally makes everything bigger or smaller, with the same ratio.
Re: Mobile site on desktop
Go to the bottom of the page; you'll see a big "Mobile website" button. Click that, and you'll then "stick" to the mobile site (for all pages for which there _is_ a mobile site version of).
Re: Double agenda?
So now a website which doesn't use HTTPS gets labeled insecure by default?
Only if it contains something that looks like a log-in or sign-up form, for now
… as a man-in-the-middle would easily be able to change where the insecure form goes to, and you'd be none the wiser you'd be sending your personal details or log-in details to Mallory
Just recently, forums link on articles link to the https version of forums, so quite a few more users are getting the https version, and all seems smooth so far.
Also, the linked-to version for AMP pages and the "mobile size" pages is the https version.
In time, we'll be switching a few more links to https, but so far… smooth sailing ;)
Thanks for the help so far!
Right now, all forums related should be fully usable over https: things done on forums (post, create topic, edit post) redirect to the https version, all RHS links are to the https version (but not yet articles' forum link, or the overall forums list).
Re: Link to Forum on Articles
That comments link at the bottom of links is hardcoded to http.
Yup, that will get changed to be hardcoded to https ~next week, about the same time we'll make pretty much everything forums-related be https (other than the apps API).
Indeed, the redirect done after post / preview / edit currently goes to http (as it's currently a hard-wired prefix).
Soon (Monday) those kinds of redirect will instead be modified to go to https for everybody.
So… you'll be on http posting your comment, and *bam* you'll be on https – trying to enliven this stuff by causing minimal disruption, but so far things seem smooth as far as I can tell ;)
With only the hiccup that I got the rude message telling me I was sending data on an insecure connection and was then back on the normal http page. Which I assume is expected behaviour?
Correct, was expected behaviour then. Right now, if you load forums over https, all links, forms, and the whole "journey" should be https only :)
We're not yet redirecting, though!
https on thereg
Last year, Santa brought a TLS version of The Register (and its sub-domains).
It's been a long time coming, but as we're a small team it's taken a wee bit longer than expected. It's coming, though! Put down those pitchforks, please :)
A "top level" overview of what we'll be doing: we'll gradually start linking more things to the https version of the website, then set https as the "canonical" version, then start redirecting http to https, and eventually pretty much everything will be "https only".
Right now we aren't linking to the https version much, and most non-relative links… link to the http version. That's fine for the moment, as it allows us to test and interact with the https version without breaking much of the functionality for the http version.
I'm posting this as many people have posted about wanting to help with bringing TLS to The Register. If you're one of them, here's your chance to help!
How can you help? Type
https:// before any of our sub-domains and see if there's anything that breaks particularly hard for you. Report any issue back via email to
webmaster@ if you can (be arsed to).
Look forward to the day we'll be https only, thanks in no small part to you!
but I've no idea what you folks use for end to end ...
There's some info at http://www.theregister.co.uk/about/company/website/ which has been recently updated
a CDN push failure of some sort
Nope, good 'ole fashioned PEBKAC on our part...
Maybe a link to webmaster would be in order somewhere at the bottom
There's a very roundabout one: the "send us news tips" links to how to contact The Register for various things: news tips, ads issues, website issues, etc.
Someone sure did! ;)
Sorry I didn't catch this earlier, we got an email to webmaster@ about this exactly one hour ago, and it got fixed in ~40 mins.
I don't roam the forums that often, but emails to webmaster@ are read as they come in…
If possible, always use webmaster@ to alert us of this kind of stuff, as there are higher chances we read, fix stuff, and (usually) reply!
Re: No other place to put this
The El Reg commenting platform is now hopelessly broken on Chrome on Android
Would you be able to share more details about this? e-mail webmaster@ please and we'll see how we can help!
Yup, we've had a bit of an issue with the new version of the mailing lists, which ended up taking a good wee bit longer getting sent than anticipated.
They will be sent again, this time… timely, starting Monday (ɐᴉlɐɹʇsn∀ ɹoɟ ʎɐpunS ɹo).
Remap caps lock to Ctrl, then use Ctrl+[ to escape. That's what I already do today. You need both hands, sure, but it's not as hard on the hands, at least for me.
I sometimes also use Ctrl+C to exit insert mode, also fine.
The huge dealbreaker for me seems to be the lack of function keys... but I guess I could remap what I have currently mapped to function keys to a leader combination instead. Feels klunky, though!
Re: mobile sites are already using the https version since ~Friday afternoon
Going to https://m.theregister.co.uk/ quietly redirects me to the non SSL version.
Yup, as it should - as it's not available (yet) over https. Never claimed it was. A critical part of the mobile pages now loads over https, though - not the pages themselves.
Please point me to where is it free to get a wildcard certificate accepted by all browsers </snark>
To actually answer you, we're working on it… but it's not as easy as pushing a button :)
We're currently in the process of "conservatively slowly" migrating one critical piece of our infrastructure to https for all users, and we're doing it for ~1‰ of our user base every ~10 minutes (mobile sites are already using the https version since ~Friday afternoon).
We're _very_ conservative when it comes to doing big changes like this (i.e. TLS, IPv6, etc). Our users deserve things done right (even if quite a bit late) rather than hastily done and full of creepy crawlers!
Shame they don't offer wildcards certificates, yet.
I look forward to that day!
It's on the top left hand side now!
Re: the Register ... no IPv6
We've got plans (and a Git branch) to make it all work on IPv6. We will enable it, but cannot yet.
Right now when posting via an IPv6 address some stuff breaks on our forums, which causes "issues", and I have to manually move the failed posts to /dev/null. No aether involved.
Don't piss off the sysadmins.
> Silver Badge came though overnight.
Yup, gets run daily in the morning. so if one day you have the prerequisites, the next you'll be granted them!
Yarr harr! Yup, it does! it's called "evil" mode!
https://github.com/syl20bnr/spacemacs/ and use "evil mode". That's as close to "a good vi" in Emacs as you can get, with quite a bit of additional "goodies".