From a0c0d3d37b852e4ea06c670a4d8c0b612ebe1ce9 Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Tue, 30 Sep 2025 14:21:17 +0200
Subject: [PATCH] Make sure legacy check returns true only on HTTPS (not like
 ftp or whatever)

I am not sure why it was expressed so convoluted before?

Found that in https://github.com/orgs/PrivateBin/discussions/1657
---
 js/legacy.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/js/legacy.js b/js/legacy.js
index 5d6dbc0b..1f27107b 100644
--- a/js/legacy.js
+++ b/js/legacy.js
@@ -106,8 +106,8 @@
                 return window.isSecureContext;
             }
 
-            // HTTP is obviously insecure
-            if (window.location.protocol !== 'http:') {
+            // HTTPS is considered secure
+            if (window.location.protocol === 'https:') {
                 return true;
             }