Quote:
Originally Posted by spadebidder
The PB client most definitely uses HTTPS to talk to the server. I went there and got on a playmoney table just to trace the communication and see what it does. Your guy is mistaken.
|
I can guarantee you that it wasn't this morning. And I was not on a play money table. I'm not the guy chester is referring to, but he PMed me about the secure thing so I checked it out.
Here is the link from my browser history:
http://www.pitbullpoker.com/poker/game/child.jsp?id=0&v=h&cv=i&gv=h&rv=g&t=NL%20$0.10%20H oldem,Se7en
(This is from a $0.10 table named Se7en)
And here is the html source for that page:
Code:
<html><head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
<title>www.pitbullpoker.com - Game View</title>
<link href="child.jsp_files/style.css" rel="stylesheet" type="text/css">
<!-- www.hitslink.com/ web tools statistics hit counter code -->
<script type="text/javascript">//<![CDATA[
var data,nhp,ntz,rf,sr,i,d=new Date(),pageName;
// The pageName variable can be customized if needed
pageName=location.pathname;
document.cookie='__support_check=1';nhp='http';
rf=document.referrer;sr=window.location.search;
if(top.window.location==document.referrer
|| (document.referrer == '' && top.window.location != ''))
{rf=top.document.referrer;sr=top.window.location.search}
ntz=new Date();if(location.href.substr(0,6).toLowerCase()=='https:')
nhp='https';data='&an='+escape(navigator.appName)+
'&sr='+escape(sr)+'&ck='+document.cookie.length+
'&rf='+escape(rf)+'&sl='+escape(navigator.systemLanguage)+
'&av='+escape(navigator.appVersion)+'&l='+escape(navigator.language)+
'&pf='+escape(navigator.platform)+'&pg='+escape(pageName);
if(navigator.appVersion.substring(0,1)>'3') {data=data+'&cd='+
screen.colorDepth+'&rs='+escape(screen.width+ ' x '+screen.height)+
'&tz='+ntz.getTimezoneOffset()+'&je='+ navigator.javaEnabled()};
i=new Image();i.src=nhp+'://counter.hitslink.com/statistics.asp'+
'?v=1&s=201&acct=pitbullpoker'+data+'&tks='+d.getTime(); //]]>
</script>
<!-- End www.hitslink.com/ statistics web tools hit counter code -->
<script charset="utf-8" id="injection_graph_func" src="child.jsp_files/injection_graph_func.js"></script></head><body leftmargin="0" topmargin="0" bgcolor="#eae6d9" marginheight="0" marginwidth="0" text="#000000">
<script language="JavaScript">
//create unique id
var uid = 1248796261183;
//create proxy to flash
//var flashProxy = new FlashProxy(uid, 'JSProxy/JavaScriptFlashGateway.swf');
//this function is called from Flash
function activateGame()
{
try{
// window.onfocus = '';
//window.onfocus = activateGame;
// window.onblur = inactivateGame;
flashProxy.call("onFocused", uid);
}
catch(e){
alert("this is the error"+ e);
}
}
//window.onfocus = activateGame;
//window.onblur = inactivateGame;
function inactivateGame()
{
// remove the event to stop an infinite loop!
flashProxy.call("onLostFocus", uid);
window.onfocus = activateGame;
//window.onblur = '';
}
</script>
<script language="javascript" type="text/javascript">
var __pingInterval;
var newWidth = 0;
var newHeight = 0;
var currentWidth = 0;
var currentHeight = 0;
var MIN_WIDTH = 425 ; //442.22; // 796/1.8
var MIN_HEIGHT = 294.0; //305.55; // 550/1.8
var DEFAULT_DIFX = 12;
var DEFAULT_DIFY = 52;
// We get the screen size
var screenWidth = screen.width;
var screenHeight = screen.height;
var defaultW;
var defaultH;
var isOnProcess = false;
var difX = -1;
var difY = -1;
var oldXFactor = 0;
var oldYFactor = 0;
var __auxInterval;
var hasFocus = false;
/**
* Called when the window "unloads"
* @param
*/
window.onunload = function()
{
clearInterval(__pingInterval);
window.close();
}
/**
* Called when the window loads
* @param
*/
window.onload = function()
{
__pingInterval = setInterval('ping()', 250);
getSize();
defaultW = newWidth;
defaultH = newHeight;
currentWidth = newWidth;
currentHeight = newHeight;
hasFocus = true;
setTitle();
if( window.innerWidth && window.innerHeight && ( window.innerWidth < 796 || window.innerHeight < 550 ) )
{
currentWidth = 796;
currentHeight = 550;
setTimeout( 'window.innerWidth = 796; window.innerHeight = 550;', 1000 );
}
else if( document.body && document.body.clientWidth && document.body.clientHeight && ( document.body.clientWidth < 796 || document.body.clientHeight < 550 ) )
{
currentWidth = 796;
currentHeight = 550;
setTimeout( 'window.resizeTo(796, 550);', 1000 );
}
else if( document.documentElement && document.documentElement.clientWidth && document.documentElement.clientHeight && ( document.documentElement.clientWidth < 796 || document.documentElement.clientHeight < 550 ) )
{
currentWidth = 796;
currentHeight = 550;
setTimeout( 'window.resizeTo(796, 550);', 1000 );
}
}
/**
* Called when the window is resized
* @param
*/
window.onresize = resizeWindow;
function resizeWindow()
{
if( isOnProcess )
return;
clearInterval( __auxInterval );
isOnProcess = true;
// After resize, we get the new size (stored in newWidth and newHeight variables)
getSize();
// We see how the size changed
var xFactor = newWidth / MIN_WIDTH;
var yFactor = newHeight / MIN_HEIGHT;
var shouldCenter = false;
var shouldSetSize = true;
// We choose the factor to adjust the window size
var factor = (Math.abs(newWidth - currentWidth) > Math.abs(newHeight - currentHeight)) ? xFactor : yFactor;
// We calculate the new size
if (Math.abs(newWidth - currentWidth) > Math.abs(newHeight - currentHeight))
{
currentHeight = MIN_HEIGHT * xFactor;
currentWidth = newWidth;
}
else
{
currentHeight = newHeight;
currentWidth = MIN_WIDTH * yFactor;
}
//alert("currentWidth "+ currentWidth +" screenWidth "+screenWidth+" currentHeight "+currentHeight+" screenHeight "+ screenHeight);
if( screen.width != undefined && screen.height != undefined && ( currentWidth >= (screenWidth - 15) || currentHeight > (screenHeight) ) )
{
/* currentWidth = currentWidth / factor;
currentHeight = currentHeight / factor;
factor = ( xFactor < yFactor ) ? xFactor : yFactor;
currentWidth = currentWidth * factor;
currentHeight = currentHeight * factor;
*/
var rate = screenWidth / screenHeight;
if( rate < 1.6 )
{
currentWidth = screenWidth;
currentHeight = screenHeight;
shouldSetSize = false;
}
else
{
currentHeight = newHeight;
currentWidth = MIN_WIDTH * yFactor;
}
shouldCenter = true;
}
// If new size is smaller than min, we adjust
if( currentWidth < MIN_WIDTH || currentHeight < MIN_HEIGHT )
{
currentWidth = MIN_WIDTH;
currentHeight = MIN_HEIGHT;
}
// Finally, we set the new size
if(shouldSetSize){
setSize( currentWidth, currentHeight, shouldCenter );
}
setTimeout( 'clearIsOnProcess()', 320 );
//isOnProcess = false;
}
/**
* Sets a new size for this window
* @param
*/
function setSize(width, height, shouldCenter)
{
// Non-IE
if(window.innerWidth)
{
window.innerWidth = width;
window.innerHeight = height;
}
// IE
else if (window.resizeTo)
{
if( difX == -1 && difY == -1 )
{
try
{
window.resizeTo(width, height);
if(shouldCenter)
{
difX = width - document.body.clientWidth;
difY = height - document.body.clientHeight;
}
else
{
difX = DEFAULT_DIFX ;
difY = DEFAULT_DIFY ;
}
}
catch(e)
{
difX = DEFAULT_DIFX; // If we cant calculate those values, we set them as default
difY = DEFAULT_DIFY;
}
}
try
{
window.resizeTo( width + difX , height + difY );
}
catch(e)
{
isOnProcess = false;
clearInterval( __auxInterval );
__auxInterval = setInterval( "resizeWindow()", 300 );
//resizeWindow();
}
}
if( shouldCenter )
{
var posX = (screenWidth > width)? ( (screenWidth-width)/2 ) : 0 ;
var posY = 0 ;
setTimeout("window.moveTo(" + posX + ", " + posY + ")", 500);
}
}
/**
* Restores the isOnProcess variable to false
* @param
*/
function clearIsOnProcess()
{
isOnProcess = false;
}
/**
* Gets the current window size. It is being called after a resize event has been triggered.
* @param
*/
function getSize()
{
screenWidth = screen.width;
screenHeight = screen.height;
// Non-IE
if( typeof( window.innerWidth ) == 'number' )
{
newWidth = window.innerWidth;
newHeight = window.innerHeight;
}
// IE 6+ in 'standards compliant mode'
else if( document.documentElement && ( document.documentElement.clientWidth || document.documentElement.clientHeight ) )
{
newWidth = document.documentElement.clientWidth;
newHeight = document.documentElement.clientHeight;
}
// IE 4 compatible
else if( document.body && ( document.body.clientWidth || document.body.clientHeight ) )
{
newWidth = document.body.clientWidth;
newHeight = document.body.clientHeight;
}
}
/**
* Pings the parent to see if it is still alive
* @param
*/
function ping()
{
try{
if( !window.opener || window.opener.closed )
{
checkBeforeUnload = false;
var time = Math.round( Math.random()*250 );
setTimeout( "window.close()", time );
}
}catch(error){
var time = Math.round( Math.random()*250 );
setTimeout( "window.close()", time );
}
}
/**
* Sets the title for this window
* @param
*/
function moveAndResize( x, y, w, h )
{
window.focus();
//try{
// window.moveTo( x, y );
if( w==0 && h==0 )
window.setSize/*resizeTo*/( defaultW, defaultH );
else
window.setSize/*resizeTo*/( w, h );
setTimeout("window.moveTo(" + x + ", " + y + ")", 500);
//}catch( e ){}
}
/**
* Opens the suggestions window
* @param
*/
function doOpenFeedback()
{
var url = "/poker/feedback.do";
var l = (screen.width - 605) / 2;
var t = (screen.height - 560) / 2;
window.open( url,'_blank','width=605,height=560,scrollbars=yes,resizable=no, left=' + l + ' top= ' + t );
}
/**
* Sets the title for this window
* @param
*/
function setTitle()
{
var params = unescape( location.search.substring(1) );
var p = params.split("&");
var t = p[5].split("=");
document.title = t[1];
}
function updateTitle( tableNumber )
{
var title = document.title;
var array = title.split("Table");
var firstPart = array[0];
setTitle( firstPart + "Table " + tableNumber );
}
</script>
<table align="center" bgcolor="black" border="0" cellpadding="0" cellspacing="0" height="100%" width="100%">
<tbody><tr><td align="center" valign="middle">
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0" id="Child" name="Child" align="middle" height="100%" width="100%">
<param name="movie" value="../template/default/GraphicChild30h.swf">
<param name="FlashVars" value="id=0&currentVersion=h&codeVersion=i&graphicsVersion=h&resourcesVersion=g&lcId=1248796261183">
<param name="quality" value="high">
<param name="bgcolor" value="#000000">
<param name="menu" value="false">
<param name="scale" value="exactfit">
<embed src="child.jsp_files/GraphicChild30h.swf" menu="false" quality="high" bgcolor="#000000" name="Child" allowscriptaccess="sameDomain" type="application/x-shockwave-flash" scale="aspect" pluginspage="http://www.macromedia.com/go/getflashplayer" flashvars="id=0&currentVersion=h&codeVersion=i&graphicsVersion=h&resourcesVersion=g&lcId=1248796261183" height="100%" width="100%"><a class="zmoebmdurxclyocpqaby" href="http://www.pitbullpoker.com/poker/template/default/GraphicChild30h.swf"></a><a class="zmoebmdurxclyocpqaby" href="http://www.pitbullpoker.com/poker/template/default/GraphicChild30h.swf"></a>
</object>
</td></tr>
</tbody></table>
</body></html>
This line is very interesting:
<embed src="child.jsp_files/GraphicChild30h.swf" menu="false" quality="high" bgcolor="#000000" name="Child" allowscriptaccess="sameDomain" type="application/x-shockwave-flash" scale="aspect" pluginspage="http://www.macromedia.com/go/getflashplayer" flashvars="id=0&currentVersion=h&codeVersi on=i&graphicsVersion=h&resourcesVersion=g& amp;lcId=1248796261183" height="100%" width="100%">
<a class="zmoebmdurxclyocpqaby" href="http://www.pitbullpoker.com/poker/template/default/GraphicChild30h.swf"></a><a class="zmoebmdurxclyocpqaby"
href="http://www.pitbullpoker.com/poker/template/default/GraphicChild30h.swf"></a>
The source of the flash object is obscured because this is the Firefox Save All to save the page. But if you look at the href of the <a> tag you can clearly see it's not HTTPS, but HTTP.
I just checked and here's what that bit of source looks like now:
<embed src="childMadagascar.jsp_files/GraphicChild30h.swf" menu="false" quality="high" bgcolor="#000000" name="Child" allowscriptaccess="sameDomain" type="application/x-shockwave-flash" scale="aspect" pluginspage="http://www.macromedia.com/go/getflashplayer" flashvars="id=0&currentVersion=h&codeVersi on=i&graphicsVersion=h&resourcesVersion=g& amp;lcId=1248819021896" height="100%" width="100%">
<a style="left: 1853px ! important; top: 0px ! important;" title="Click here to block this object with ******* Plus" class="zmoebmdurxclyocpqaby"
href="https://www.pitbullpoker.com/poker/template/default/GraphicChild30h.swf"></a>
I can't say for sure this isn't the browser doing something squirrely. But I don't think it is. It looks to me like proof that they changed some parameter which switched the whole site over to HTTPS.
Here is the link from a page I looked at later in the day, on a $.04 table called The Hangover, from my history:
https://www.pitbullpoker.com/poker/game/child.jsp?id=0&v=h&cv=i&gv=h&rv=g&t=NL%20$0.04%20H oldem,The%20Hangover
From my history, here is the link to the game view (list of open tables), from this morning:
ht tp://www.pitbullpoker.com/poker/game/window25.do?re fresh=1248795836088
And here from a few hours later:
ht tps://www.pitbullpoker.com/poker/game/window25.do?refresh=1248809065039
Both pages I accessed by going to to
http://pitbullpoker.com and logging on. In one case I was directed to http links, in the other https.
Two Plus Two
Linear Mode
