Merge pull request #1660 from PrivateBin/httpssecure

Make sure legacy check returns true only on HTTPS (not like ftp or whatever)
2026-03-05 13:30:32 -05:00 · 2025-09-30 20:40:28 +02:00
parent f03f2bf28d a0c0d3d37b
commit 9910b6f2a3
1 changed files with 2 additions and 2 deletions
--- a/js/legacy.js
+++ b/js/legacy.js
@@ -106,8 +106,8 @@
                return window.isSecureContext;
            }

-            // HTTP is obviously insecure
-            if (window.location.protocol !== 'http:') {
+            // HTTPS is considered secure
+            if (window.location.protocol === 'https:') {
                return true;
            }