Seeing "Not Secure" on the App Inventor link

Dear Team,

I have just started seeing the "Not Secure"in the MIT app Inventor when I click on the "Create Apps" to navigate to the website.

So, my students are a little worried about the security.

Warm Regards,
Sunila

2 Likes

See e.g. here:

Hello Sunila

Are you using the Chrome Browser? It tends to moan more than the others put together :upside_down_face: Try FireFox instead.

Thanks Christopher. But, even Firefox is "Not Secure".

The App Inventor 2 Web application is accessed using http; not https. If a web page is not https, most browsers supply a not secure message. AI2 is moving towards https but is not there yet.

The difference between HTTP vs HTTPS is simply the presence of a SSL certificate . HTTP doesn’t have SSL and HTTPS has SSL, which encrypts your information so your connections are secured. HTTPS also has TLS ( Transport Layer Security ) protocol that HTTP lacks. HTTPS is more secure than HTTP.

Not secure is a misnomer; http is just less secure than https. You might read HTTP vs. HTTPS: What's the Difference and Why Should You Care? | Entrepreneur .

1 Like

image

my webpage address bar shows Not Secure when i sign in to app inventor2

Il sito del MIT sta provvedendo a fare il passaggio da Http verso Https; ma ci vorrà un po di tempo. Comunque posso confermare che il loro sito è sicuro al 100%..quindi puoi stare tranquillo.

1 Like

It's not that big of a problem for me, the thing is, I am not able to connect it to my phone because of this and check it, as it gets stuck at 20%(Establishing Secure Connection) because the connection is not secure, please fix this asap

Check the dozens of other posts about the 20% issue, you are not alone (it has nothing to do with app inventor serving up as http://)

In the beginning I had a secure connection and now it doesn't anymore. Click in google chroom on the "not secure"(like in the picture above) -> site settings -> unsafe content -> allow.

It started when I could not log in in app create.

My assumption is that the certificate is not valuable anymore. But I don't know how to refresh it. I found this in the google settings:
Privacy and security -> manage certificate -> goose to windows certificates (but can't find mit app inventor)

Very unlikely....

There is a test server somewhere that operates as https://, but the main server and code server are and have always been http:// because of the way the application works.

I now see the login site is secure, maybe it was that. I did a security check in my google account and after loging in and out it get stuck again.

Now the solution is "use legacy connection"
link

But after closing down I need too reset the connection. Is this normal?

It does react on changes I have mad soo thats good for now.

This is an issue again. Is this a problem with certificate renewal, or was this never implemented?

Is it stopping you from developing in App Inventor ?

As repeated, the App Inventor URL starts with http:// without an s. So, some browsers (including Chrome) show that the website is unsecure. It shouldn't stop you from app developing if you have access to Google's server.

@John_Thomas Please see post #4. https has not yet been implemented.

I thought that must be outdated and that HTTPS had been implemented, because I usually notice "Not secure" in the browser. Maybe my recollection about AI2 is wrong and it's never been supported, I just missed it.

A bit surprising that MIT would allow it from a corporate point-of-view. Let's Encrypt provides free certificates (other providers may be available.)

and also see post #13