Jump to content

Chrome blocks Pocket Query download


Les Pandas

Recommended Posts

Posted

Just set up a PQ today and on attempt to download get an alert blocking it. Had no problems up to now. Regularly use this method to load caches into my Etrex. Has anyone else had this?   Using Chrome as a browser and gmail account as address.

Thanks

  • Upvote 1
Posted

I had the same thing happen Saturday when I downloaded my My Finds PQ.  (Chrome & Gmail & Windows 10)  When the file showed up in the bottom bar I clicked the up arrow and "Keep".  This is the first time I've ever had the download flagged as a virus threat. 

  • Upvote 1
Posted

Have just found that if I go to my list and select download GPX that works fine, and can transfer this to my Etrex,  though Chrome still does not allow a PQ download of the same thing. 

Posted

I've noted this too.... Chrome, MacOS - I get a warning 'this can't be downloaded securely' or similar..... if I ignore it I get the PQ as normal.....

Posted (edited)

Had the same problem and fixed it. Recent versions of Chrome block insecure downloads (from http-sites) if the link starts from a secure (https) website). The link to the PQ is to an http-site. Your Gmail is an https-site.

 

You can fix this easily by going to: chrome://settings/content/insecureContent

On this page, add the following allowed URL and you're fine again: 'https://mail.google.com'

 

For some background info, refer to: https://www.ghacks.net/2020/10/08/chrome-is-blocking-downloads-here-is-why/

Edited by M.B.E.S.
  • Upvote 3
Posted

It's the same reason some images in old cache descriptions don't load if the image was hosted on another website and the img src is an http:// URL. Annoying Chrome disabled this by default; I'd prefer the 'old' way of informing that a secure webpage (https) is displaying insecure content (http). I know it can be disabled, but habitually, as a developer, if I disable it and forget or don't notice the protocol difference, I'll see everything fine but others won't. I dunno, tough call on the side of the browser devs.

 

Anyway, I figured it was the PQ data requested from an insecure URL. I'd think that HQ should make that download link secure, just to cover all the bases.  It's a secure url on the PQ downloads page, just not in the emails.

Posted
On 12/4/2020 at 7:53 AM, M.B.E.S. said:

Had the same problem and fixed it. Recent versions of Chrome block insecure downloads (from http-sites) if the link starts from a secure (https) website). The link to the PQ is to an http-site. Your Gmail is an https-site.

 

You can fix this easily by going to: chrome://settings/content/insecureContent

On this page, add the following allowed URL and you're fine again: 'https://mail.google.com'

 

For some background info, refer to: https://www.ghacks.net/2020/10/08/chrome-is-blocking-downloads-here-is-why/

This suggestion unlocks the door for any malware links sent via gmail.
This is like leaving your house unlocked because one of your kids refuses to take a key.

It is trivial for Groundspeak to change the PQ notification email embedded download link from http to https.
I modified a PQ notification email and it works fine.

Groundspeak PLEASE fix this.

 

  • Helpful 3

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...