Michellu, thanks for the reply, and still understood about the cookies but also still choose not to keep them. And thanks for the correction on the http login page - I checked the source and see the form action does use https. Sorry about mistakenly s [查看更多...] 发表于 has website language selection method changed?

Michellu, thanks for the reply, and still understood about the cookies but also still choose not to keep them. And thanks for the correction on the http login page - I checked the source and see the form action does use https. Sorry about mistakenly saying the login data was exposed in my last post. posted in has website language selection method changed?

I've noticed two new things. First, getting the Chinese language version of the login page is now happening only intermittently; sometimes I get the English version straight off, other times the Chinese.Second, a rather disturbing development is t [查看更多...] 发表于 has website language selection method changed?

I've noticed two new things. First, getting the Chinese language version of the login page is now happening only intermittently; sometimes I get the English version straight off, other times the Chinese.Second, a rather disturbing development is that I've noticed that when I do the the Chinese page after browsing to https://www.dreamstime.com/login.php while the Chinese version is indeed secure (the https: protocol), when I click on the "EN" link there to get the English version that link sends me to an insecure, unencrypted (http:) version. While I can then get the secure version of the English login page by changing the "http:" in the browser's address bar to "https:" and rerequesting the page, it seems a very poor security practice to redirect users from a secure version of the login page to an insecure version. It's quite likely that many users wouldn't notice the change and would login via the insecure page, thus exposing their login id and password to every router that their packets pass through on their way to the DT server. posted in has website language selection method changed?

Red, thanks for the reply. While the server does, of course, determine the language of the page it sends in response to the clients GET request, unless I'm missing something it should be trivial for the server to make that determination according t [查看更多...] 发表于 has website language selection method changed?

Red, thanks for the reply. While the server does, of course, determine the language of the page it sends in response to the clients GET request, unless I'm missing something it should be trivial for the server to make that determination according to the preference specified by the client via the Accept-Language header if sent, or by some alternate means (eg cookie if present or IP address geolocation if not) rather than simply ignoring the Accept-Language header when sent because some browsers don't send it. posted in has website language selection method changed?