The App Inventor 2 Web application is accessed using http; not https. If a web page is not https, most browsers supply a not secure message. AI2 is moving towards https but is not there yet.
The difference between HTTP vs HTTPS is simply the presence of a SSL certificate . HTTP doesn’t have SSL and HTTPS has SSL, which encrypts your information so your connections are secured. HTTPS also has TLS ( Transport Layer Security ) protocol that HTTP lacks. HTTPS is more secure than HTTP.
Il sito del MIT sta provvedendo a fare il passaggio da Http verso Https; ma ci vorrà un po di tempo. Comunque posso confermare che il loro sito è sicuro al 100%..quindi puoi stare tranquillo.
It's not that big of a problem for me, the thing is, I am not able to connect it to my phone because of this and check it, as it gets stuck at 20%(Establishing Secure Connection) because the connection is not secure, please fix this asap
In the beginning I had a secure connection and now it doesn't anymore. Click in google chroom on the "not secure"(like in the picture above) -> site settings -> unsafe content -> allow.
It started when I could not log in in app create.
My assumption is that the certificate is not valuable anymore. But I don't know how to refresh it. I found this in the google settings:
Privacy and security -> manage certificate -> goose to windows certificates (but can't find mit app inventor)
There is a test server somewhere that operates as https://, but the main server and code server are and have always been http:// because of the way the application works.
As repeated, the App Inventor URL starts with http:// without an s. So, some browsers (including Chrome) show that the website is unsecure. It shouldn't stop you from app developing if you have access to Google's server.
I thought that must be outdated and that HTTPS had been implemented, because I usually notice "Not secure" in the browser. Maybe my recollection about AI2 is wrong and it's never been supported, I just missed it.
A bit surprising that MIT would allow it from a corporate point-of-view. Let's Encrypt provides free certificates (other providers may be available.)
This is a real issue for me. My school IT did something so now when we go to create apps, it blocks the site, saying it’s not secure and cannot be reached.
We asked them to whitelist it but they said that they won’t because their security software is flagging it as malware -_-
As posted above, it may be a misnomer that it is slightly less secure, but school IT doesn’t care. They’re too scared to lose their jobs to do any research or look at the suggestions from the school IT instructions.
I’m just trying to get my students excited about coding and app making, but it is impossible to do with MIT lagging behind the rest of the internet.
The problem is the Web app is http and not https. @ewpatton has previously indicated MIT is working on getting it to https; but do not have a solution yet.
You could use a third party stand alone clone of AI which would have to be installed on each PC however a guess is your IT would be even more reluctant to that than to whitelist.
Hi @TechConk,
a workaround could be: disconnect the PC's of your classroom from the school network (WiFi or cable) use your students' smartphones as hot-spots, then use Brave browser. If the black list filter is not on any single PC, but on the domain controller, it would be not pleasant for your IT security officers, but it will work.
Probably if they (the IT guys) will see that (trick), they will help you to find a "cooperative" solution.