02-14-2013, 03:45 AM
(02-14-2013, 03:42 AM)Mangix Wrote: If https://hashcat.net is used instead of the HTTP version, the image verification breaks as it's transmitted over HTTP and most browsers block insecure content.
This is an issues since there are now Hashcat rules in the https-everywhere extension. Also, Google plans on removing the Load Insecure Content option from future builds of Chrome, at least according to this video: https://www.youtube.com/watch?v=LBbCec4Bp10
Images should all be passed via HTTPS unless it is user supplied from HTTP. Where are you getting the non-compliant warnings from?