Wow… just want to give you a short feedback on your new redesigned Xojo.com Website… looks great and modern…I like it though there is still a bad rating in Mozilla’s observatory test…
While it looks “pretty”… it sometimes is very slow to load… the animations do not add value, and various bits of important information were “removed” because they no longer fit the new theme… The purpose of a website IS information, but perhaps I’m just old fashion 
I once listened aghast to someone who proudly told me that their new website was clearly better for end users because they spent much longer on the home page than before.
However, I remain convinced it was because there were no obvious visual clues to what could/should be clicked upon, and waaaaayyyy too many little pockets of information.
A bit like a Windows phone screen, actually.
Especially the ‘What others are saying about Xojo’ animation annoys me at lot. A 5 sec timer scroller? Nobody will bother trying to read the testimonials, while in my view, this is one of the most important parts.
I personally find the animations distracting. Kind of like the kid who just discovered PowerPoint effects and starts putting transitions on every little thing.
Back to basics:
What is the goal of a web site ?
[quote=337064:@Emile Schwarz]Back to basics:
What is the goal of a web site ?[/quote]
To figure out how many angels can fit on the head of a pin 
Norman win the beer !
Well unlike many others I like the animations… maybe this is the reason why I am using them on my website aswell. My concerns are more on security by design and default… right now the website isn’t much secure regarding to Mozilla Observatory.
The site will never do well on Mozilla’s test- because some of their criteria pretty much assume you’ll do everything over https from the ground up. We only require https for sensitive information like logins and the store today. We also disagree with some of their recommendations that aren’t worth getting X more points on their test while breaking compatibility with something else for little benefit.
Some out of the box tests (like SSLLabs), the site will get an “A” on. Other out of the box tests it might not. That will always be the case.
We’re constantly audited (and pass!) in-depth tests for security- from XSS to potential injections, software vulnerabilities, etc. It isn’t something we will talk much about publicly. But it is very important to us.
Ja it’s hard to get a infrastructure with all its services and dependenies encrypted. And you are right that not all recommendations making sense in some cases. But - please do not take it as offence - your argument sounds like Volkswagen is complaining about emisson tests and how unrealistic EPA laboratory emissions testing conditions are. Security through obscurity doesn’t work, it never did.
Where is the point in not implementing some additional headers in your Apache config or .htaccess file? Or to hide your announced Apache 2.2.15 on CentOS header (current 2.4.25!!!). I doubt there are issues in doing so. Yes it’s hard work to discover all dependencies and domains for a proper CSP. And of course there are a lot of security and privacy issues beyond Mozilla observatory test - you named SSLLabs. Why just an A and not an A+? Why using 3rd party adroll.com and not your own open source piwik analytics on prem respecting do-not-track functions of your visitors and with anonymization of visitors IPs.
Sometimes it’s a long journey to privacy and security by design and default. Please do not stop halfway.
Don’t know if it is related (or if Xojo is working on it for the moment), but this morning I’m unable to access the forum from Firefox (Windows 10, 54.0, 32-bits). Works fine in Chrome.
Sorry it is in Dutch, but ‘meer info…’ (‘more info…’) takes me takes me here. (is in English)
I do not had these troubles (FireFox / MacBook Pro).
Nota: when I am using McDonalds WiFi, I have to use https (instead of http): else, I get the McDonalds WiFi supplier error web page.
In the Library, I removed all occurences of the Forum (that use http://) and the problem goes away (I go to web site by typing the first letters of the website, here: forum).
Back to the title of this conversation
When I am in front of a new web page and I move my head alternatively from left to right with my eye searching from top to bottom af reach nothing, my tendency is to close that window.
@Tobias Bussmann: Haha indeed this may sound inconsistent, but it isn’t 